Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-21702 (GCVE-0-2025-21702)
Vulnerability from cvelistv5
Published
2025-02-18 14:37
Modified
2025-11-03 19:35
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
pfifo_tail_enqueue: Drop new packet when sch->limit == 0
Expected behaviour:
In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a
packet in scheduler's queue and decrease scheduler's qlen by one.
Then, pfifo_tail_enqueue() enqueue new packet and increase
scheduler's qlen by one. Finally, pfifo_tail_enqueue() return
`NET_XMIT_CN` status code.
Weird behaviour:
In case we set `sch->limit == 0` and trigger pfifo_tail_enqueue() on a
scheduler that has no packet, the 'drop a packet' step will do nothing.
This means the scheduler's qlen still has value equal 0.
Then, we continue to enqueue new packet and increase scheduler's qlen by
one. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by
one and return `NET_XMIT_CN` status code.
The problem is:
Let's say we have two qdiscs: Qdisc_A and Qdisc_B.
- Qdisc_A's type must have '->graft()' function to create parent/child relationship.
Let's say Qdisc_A's type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.
- Qdisc_B's type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.
- Qdisc_B is configured to have `sch->limit == 0`.
- Qdisc_A is configured to route the enqueued's packet to Qdisc_B.
Enqueue packet through Qdisc_A will lead to:
- hfsc_enqueue(Qdisc_A) -> pfifo_tail_enqueue(Qdisc_B)
- Qdisc_B->q.qlen += 1
- pfifo_tail_enqueue() return `NET_XMIT_CN`
- hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` => hfsc_enqueue() don't increase qlen of Qdisc_A.
The whole process lead to a situation where Qdisc_A->q.qlen == 0 and Qdisc_B->q.qlen == 1.
Replace 'hfsc' with other type (for example: 'drr') still lead to the same problem.
This violate the design where parent's qlen should equal to the sum of its childrens'qlen.
Bug impact: This issue can be used for user->kernel privilege escalation when it is reachable.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Version: 57dbb2d83d100ea601c54fe129bfde0678db5dee Version: 57dbb2d83d100ea601c54fe129bfde0678db5dee Version: 57dbb2d83d100ea601c54fe129bfde0678db5dee Version: 57dbb2d83d100ea601c54fe129bfde0678db5dee Version: 57dbb2d83d100ea601c54fe129bfde0678db5dee Version: 57dbb2d83d100ea601c54fe129bfde0678db5dee Version: 57dbb2d83d100ea601c54fe129bfde0678db5dee Version: 57dbb2d83d100ea601c54fe129bfde0678db5dee |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:35:50.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/sch_fifo.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "78285b53266d6d51fa4ff504a23df03852eba84e",
"status": "affected",
"version": "57dbb2d83d100ea601c54fe129bfde0678db5dee",
"versionType": "git"
},
{
"lessThan": "7a9723ec27aff5674f1fd4934608937f1d650980",
"status": "affected",
"version": "57dbb2d83d100ea601c54fe129bfde0678db5dee",
"versionType": "git"
},
{
"lessThan": "a56a6e8589a9b98d8171611fbcc1e45a15fd2455",
"status": "affected",
"version": "57dbb2d83d100ea601c54fe129bfde0678db5dee",
"versionType": "git"
},
{
"lessThan": "020ecb76812a0526f4130ab5aeb6dc7c773e7ab9",
"status": "affected",
"version": "57dbb2d83d100ea601c54fe129bfde0678db5dee",
"versionType": "git"
},
{
"lessThan": "79a955ea4a2e5ddf4a36328959de0de496419888",
"status": "affected",
"version": "57dbb2d83d100ea601c54fe129bfde0678db5dee",
"versionType": "git"
},
{
"lessThan": "e40cb34b7f247fe2e366fd192700d1b4f38196ca",
"status": "affected",
"version": "57dbb2d83d100ea601c54fe129bfde0678db5dee",
"versionType": "git"
},
{
"lessThan": "b6a079c3b6f95378f26e2aeda520cb3176f7067b",
"status": "affected",
"version": "57dbb2d83d100ea601c54fe129bfde0678db5dee",
"versionType": "git"
},
{
"lessThan": "647cef20e649c576dff271e018d5d15d998b629d",
"status": "affected",
"version": "57dbb2d83d100ea601c54fe129bfde0678db5dee",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/sch_fifo.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.34"
},
{
"lessThan": "2.6.34",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.291",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.235",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.179",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.130",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.83",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.14",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.14",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.291",
"versionStartIncluding": "2.6.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.235",
"versionStartIncluding": "2.6.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.179",
"versionStartIncluding": "2.6.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.130",
"versionStartIncluding": "2.6.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.83",
"versionStartIncluding": "2.6.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.14",
"versionStartIncluding": "2.6.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.3",
"versionStartIncluding": "2.6.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14",
"versionStartIncluding": "2.6.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T07:19:19.050Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/78285b53266d6d51fa4ff504a23df03852eba84e"
},
{
"url": "https://git.kernel.org/stable/c/7a9723ec27aff5674f1fd4934608937f1d650980"
},
{
"url": "https://git.kernel.org/stable/c/a56a6e8589a9b98d8171611fbcc1e45a15fd2455"
},
{
"url": "https://git.kernel.org/stable/c/020ecb76812a0526f4130ab5aeb6dc7c773e7ab9"
},
{
"url": "https://git.kernel.org/stable/c/79a955ea4a2e5ddf4a36328959de0de496419888"
},
{
"url": "https://git.kernel.org/stable/c/e40cb34b7f247fe2e366fd192700d1b4f38196ca"
},
{
"url": "https://git.kernel.org/stable/c/b6a079c3b6f95378f26e2aeda520cb3176f7067b"
},
{
"url": "https://git.kernel.org/stable/c/647cef20e649c576dff271e018d5d15d998b629d"
}
],
"title": "pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-21702",
"datePublished": "2025-02-18T14:37:43.429Z",
"dateReserved": "2024-12-29T08:45:45.748Z",
"dateUpdated": "2025-11-03T19:35:50.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-21702\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-18T15:15:18.530\",\"lastModified\":\"2025-11-03T20:17:09.847\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\\n\\nExpected behaviour:\\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\\nThen, pfifo_tail_enqueue() enqueue new packet and increase\\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\\n`NET_XMIT_CN` status code.\\n\\nWeird behaviour:\\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\\nThis means the scheduler\u0027s qlen still has value equal 0.\\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\\none and return `NET_XMIT_CN` status code.\\n\\nThe problem is:\\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\\n\\nEnqueue packet through Qdisc_A will lead to:\\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\\n - Qdisc_B-\u003eq.qlen += 1\\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\\n\\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\\n\\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pfifo_tail_enqueue: Descartar nuevo paquete cuando sch-\u0026gt;limit == 0 Comportamiento esperado: En caso de que alcancemos el l\u00edmite del planificador, pfifo_tail_enqueue() descartar\u00e1 un paquete en la cola del planificador y disminuir\u00e1 el qlen del planificador en uno. Luego, pfifo_tail_enqueue() pone en cola un nuevo paquete y aumenta el qlen del planificador en uno. Finalmente, pfifo_tail_enqueue() devuelve el c\u00f3digo de estado `NET_XMIT_CN`. Comportamiento extra\u00f1o: En caso de que establezcamos `sch-\u0026gt;limit == 0` y activemos pfifo_tail_enqueue() en un planificador que no tiene ning\u00fan paquete, el paso \u0027descartar un paquete\u0027 no har\u00e1 nada. Esto significa que el qlen del planificador todav\u00eda tiene un valor igual a 0. Luego, continuamos poniendo en cola un nuevo paquete y aumentamos el qlen del planificador en uno. En resumen, podemos aprovechar pfifo_tail_enqueue() para aumentar qlen en uno y devolver el c\u00f3digo de estado `NET_XMIT_CN`. El problema es: digamos que tenemos dos qdiscs: Qdisc_A y Qdisc_B. - El tipo de Qdisc_A debe tener la funci\u00f3n \u0027-\u0026gt;graft()\u0027 para crear una relaci\u00f3n padre/hijo. Digamos que el tipo de Qdisc_A es `hfsc`. Poner en cola un paquete en esta qdisc activar\u00e1 `hfsc_enqueue`. - El tipo de Qdisc_B es pfifo_head_drop. Poner en cola un paquete en esta qdisc activar\u00e1 `pfifo_tail_enqueue`. - Qdisc_B est\u00e1 configurado para tener `sch-\u0026gt;limit == 0`. - Qdisc_A est\u00e1 configurado para enrutar el paquete en cola a Qdisc_B. Poner en cola un paquete a trav\u00e9s de Qdisc_A conducir\u00e1 a: - hfsc_enqueue(Qdisc_A) -\u0026gt; pfifo_tail_enqueue(Qdisc_B) - Qdisc_B-\u0026gt;q.qlen += 1 - pfifo_tail_enqueue() devuelve `NET_XMIT_CN` - hfsc_enqueue() comprueba `NET_XMIT_SUCCESS` y ve `NET_XMIT_CN` =\u0026gt; hfsc_enqueue() no aumenta el qlen de Qdisc_A. Todo el proceso conduce a una situaci\u00f3n en la que Qdisc_A-\u0026gt;q.qlen == 0 y Qdisc_B-\u0026gt;q.qlen == 1. Reemplazar \u0027hfsc\u0027 por otro tipo (por ejemplo: \u0027drr\u0027) sigue conduciendo al mismo problema. Esto viola el dise\u00f1o donde el qlen del padre debe ser igual a la suma del qlen de sus hijos. Impacto del error: este problema se puede utilizar para la escalada de privilegios de usuario a kernel cuando sea posible.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.34\",\"versionEndExcluding\":\"5.4.291\",\"matchCriteriaId\":\"EED05E52-7CFA-4A43-A352-40F047FDB63A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.235\",\"matchCriteriaId\":\"545121FA-DE31-4154-9446-C2000FB4104D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.179\",\"matchCriteriaId\":\"C708062C-4E1B-465F-AE6D-C09C46400875\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.130\",\"matchCriteriaId\":\"26997835-273D-4841-ABD3-4696059AC299\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.83\",\"matchCriteriaId\":\"7D9F642F-6E05-4926-B0FE-62F95B7266BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.14\",\"matchCriteriaId\":\"033BB7EE-C9A2-45EA-BAC9-87BB9D951BCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.3\",\"matchCriteriaId\":\"0E92CEE3-1FC3-4AFC-A513-DEDBA7414F00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.14:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"186716B6-2B66-4BD0-852E-D48E71C0C85F\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/020ecb76812a0526f4130ab5aeb6dc7c773e7ab9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/647cef20e649c576dff271e018d5d15d998b629d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/78285b53266d6d51fa4ff504a23df03852eba84e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/79a955ea4a2e5ddf4a36328959de0de496419888\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7a9723ec27aff5674f1fd4934608937f1d650980\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a56a6e8589a9b98d8171611fbcc1e45a15fd2455\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b6a079c3b6f95378f26e2aeda520cb3176f7067b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e40cb34b7f247fe2e366fd192700d1b4f38196ca\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
suse-su-2025:20572-1
Vulnerability from csaf_suse
Published
2025-08-25 12:16
Modified
2025-08-25 12:16
Summary
Security update for kernel-livepatch-MICRO-6-0_Update_5
Notes
Title of the patch
Security update for kernel-livepatch-MICRO-6-0_Update_5
Description of the patch
This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
Patchnames
SUSE-SLE-Micro-6.0-kernel-76
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-livepatch-MICRO-6-0_Update_5",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-livepatch-MICRO-6-0_Update_5 fixes the following issues:\n\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-76",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20572-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20572-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520572-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20572-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022309.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
}
],
"title": "Security update for kernel-livepatch-MICRO-6-0_Update_5",
"tracking": {
"current_release_date": "2025-08-25T12:16:44Z",
"generator": {
"date": "2025-08-25T12:16:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20572-1",
"initial_release_date": "2025-08-25T12:16:44Z",
"revision_history": [
{
"date": "2025-08-25T12:16:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"product_id": "kernel-livepatch-6_4_0-25-default-5-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-25-default-5-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-25-default-5-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-25-default-5-1.2.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-25-default-5-1.2.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-25-default-5-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:16:44Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:16:44Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-25-default-5-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:16:44Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
}
]
}
suse-su-2025:02688-1
Vulnerability from csaf_suse
Published
2025-08-04 22:50
Modified
2025-08-04 22:50
Summary
Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)
Description of the patch
This update for the Linux Kernel 6.4.0-150600_23_22 fixes several issues.
The following security issues were fixed:
- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797).
Patchnames
SUSE-2025-2688,SUSE-2025-2690,SUSE-SLE-Module-Live-Patching-15-SP6-2025-2688
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 6.4.0-150600_23_22 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).\n- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2688,SUSE-2025-2690,SUSE-SLE-Module-Live-Patching-15-SP6-2025-2688",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02688-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02688-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502688-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02688-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041089.html"
},
{
"category": "self",
"summary": "SUSE Bug 1235250",
"url": "https://bugzilla.suse.com/1235250"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE Bug 1245804",
"url": "https://bugzilla.suse.com/1245804"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56664 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)",
"tracking": {
"current_release_date": "2025-08-04T22:50:13Z",
"generator": {
"date": "2025-08-04T22:50:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02688-1",
"initial_release_date": "2025-08-04T22:50:13Z",
"revision_history": [
{
"date": "2025-08-04T22:50:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_23_30-default-9-150600.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: sync_linked_regs() must preserve subreg_def\n\nRange propagation must not affect subreg_def marks, otherwise the\nfollowing example is rewritten by verifier incorrectly when\nBPF_F_TEST_RND_HI32 flag is set:\n\n 0: call bpf_ktime_get_ns call bpf_ktime_get_ns\n 1: r0 \u0026= 0x7fffffff after verifier r0 \u0026= 0x7fffffff\n 2: w1 = w0 rewrites w1 = w0\n 3: if w0 \u003c 10 goto +0 --------------\u003e r11 = 0x2f5674a6 (r)\n 4: r1 \u003e\u003e= 32 r11 \u003c\u003c= 32 (r)\n 5: r0 = r1 r1 |= r11 (r)\n 6: exit; if w0 \u003c 0xa goto pc+0\n r1 \u003e\u003e= 32\n r0 = r1\n exit\n\n(or zero extension of w1 at (2) is missing for architectures that\n require zero extension for upper register half).\n\nThe following happens w/o this patch:\n- r0 is marked as not a subreg at (0);\n- w1 is marked as subreg at (2);\n- w1 subreg_def is overridden at (3) by copy_register_state();\n- w1 is read at (5) but mark_insn_zext() does not mark (2)\n for zero extension, because w1 subreg_def is not set;\n- because of BPF_F_TEST_RND_HI32 flag verifier inserts random\n value for hi32 bits of (2) (marked (r));\n- this random value is read at (5).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53125",
"url": "https://www.suse.com/security/cve/CVE-2024-53125"
},
{
"category": "external",
"summary": "SUSE Bug 1234156 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "external",
"summary": "SUSE Bug 1245804 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1245804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T22:50:13Z",
"details": "important"
}
],
"title": "CVE-2024-53125"
},
{
"cve": "CVE-2024-56664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket\u0027s close() link popping \u0026 unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(\u0026stab-\u003elock)\n osk = stab-\u003esks[idx]\n sock_map_add_link(..., \u0026stab-\u003esks[idx])\n sock_map_unref(osk, \u0026stab-\u003esks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(\u0026psock))\n sk_psock_drop(sk, psock)\n spin_unlock(\u0026stab-\u003elock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(\u0026stab-\u003elock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(\u0026stab-\u003elock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56664",
"url": "https://www.suse.com/security/cve/CVE-2024-56664"
},
{
"category": "external",
"summary": "SUSE Bug 1235249 for CVE-2024-56664",
"url": "https://bugzilla.suse.com/1235249"
},
{
"category": "external",
"summary": "SUSE Bug 1235250 for CVE-2024-56664",
"url": "https://bugzilla.suse.com/1235250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T22:50:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56664"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T22:50:13Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T22:50:13Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_22-default-14-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T22:50:13Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
}
]
}
suse-su-2025:02608-1
Vulnerability from csaf_suse
Published
2025-08-02 23:34
Modified
2025-08-02 23:34
Summary
Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)
Description of the patch
This update for the Linux Kernel 5.3.18-150300_59_204 fixes several issues.
The following security issues were fixed:
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797).
Patchnames
SUSE-2025-2608,SUSE-SLE-Module-Live-Patching-15-SP3-2025-2608
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_204 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2608,SUSE-SLE-Module-Live-Patching-15-SP3-2025-2608",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02608-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02608-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502608-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02608-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041019.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2025-08-02T23:34:25Z",
"generator": {
"date": "2025-08-02T23:34:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02608-1",
"initial_release_date": "2025-08-02T23:34:25Z",
"revision_history": [
{
"date": "2025-08-02T23:34:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_204-preempt-3-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_204-preempt-3-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_204-preempt-3-150300.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-02T23:34:25Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-02T23:34:25Z",
"details": "moderate"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_204-default-3-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-02T23:34:25Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
}
]
}
suse-su-2025:20419-1
Vulnerability from csaf_suse
Published
2025-06-15 12:06
Modified
2025-06-15 12:06
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
The following non-security bugs were fixed:
- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
- ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
- ACPI: HED: Always initialize before evged (stable-fixes).
- ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: seq: Improve data consistency at polling (stable-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
- ASoC: tas2764: Enable main IRQs (git-fixes).
- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
- ASoC: tas2764: Reinit cache on part reset (git-fixes).
- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
- bus: fsl-mc: fix double-free on mc_dev (git-fixes).
- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: change tcon status when need_reconnect is set on it (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: lrw - Only add ecb if it is not already there (git-fixes).
- crypto: lzo - Fix compression buffer overrun (stable-fixes).
- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
- crypto: qat - add shutdown handler to qat_420xx (git-fixes).
- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
- crypto: xts - Only add ecb if it is not already there (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: mask sk_shutdown value (bsc#1228854).
- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (git-fixes).
- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- Documentation: fix typo in root= kernel parameter description (git-fixes).
- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).
- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).
- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- drm: Add valid clones check (stable-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
- drm/amd/display: Increase block_sequence array size (stable-fixes).
- drm/amd/display: Initial psr_version with correct setting (stable-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
- drm/ast: Find VBIOS mode from regular display size (stable-fixes).
- drm/ast: Fix comment on modeset lock (git-fixes).
- drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
- drm: bridge: adv7511: fill stream capabilities (stable-fixes).
- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
- drm/tegra: Assign plane type before registration (git-fixes).
- drm/tegra: Fix a possible null pointer dereference (git-fixes).
- drm/tegra: rgb: Fix the unbound reference count (git-fixes).
- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
- drm/v3d: Add clock handling (stable-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/vc4: tests: Use return instead of assert (git-fixes).
- drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
- Drop AMDGPU patch that may cause regressions (bsc#1243782)
- exfat: fix potential wrong error return from get_block (git-fixes).
- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
- fbdev/efifb: Remove PM for parent device (bsc#1244261).
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- fpga: altera-cvp: Increase credit timeout (stable-fixes).
- gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
- hwmon: (dell-smm) Increment the number of fans (stable-fixes).
- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
- i3c: master: svc: Fix missing STOP for master request (stable-fixes).
- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
- iio: filter: admv8818: fix band 4, state 15 (git-fixes).
- iio: filter: admv8818: fix integer overflow (git-fixes).
- iio: filter: admv8818: fix range calculation (git-fixes).
- iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add more controllers (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
- jffs2: check that raw node were preallocated before writing summary (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).
- kernel-obs-qa: Use srchash for dependency as well
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
- media: cx231xx: set device_caps for 417 (stable-fixes).
- media: cxusb: no longer judge rbuf when the write fails (git-fixes).
- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
- media: imx-jpeg: Cleanup after an allocation error (git-fixes).
- media: imx-jpeg: Drop the first error frames (git-fixes).
- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
- media: ov5675: suppress probe deferral errors (git-fixes).
- media: ov8856: suppress probe deferral errors (git-fixes).
- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
- media: rkvdec: Fix frame size enumeration (git-fixes).
- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
- media: uvcvideo: Fix deferred probing error (git-fixes).
- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
- media: uvcvideo: Return the number of processed controls (git-fixes).
- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
- media: venus: Fix probe error handling (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
- media: vivid: Change the siize of the composing (git-fixes).
- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
- neighbour: delete redundant judgment statements (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- net: do not dump stack on queue timeout (git-fixes).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net: phy: clear phydev->devlink when the link is deleted (git-fixes).
- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: usb: aqc111: debug info before sanitation (git-fixes).
- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- padata: do not leak refcount in reorder_work (git-fixes).
- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
- PCI: cadence: Fix runtime atomic count underflow (git-fixes).
- PCI/DPC: Initialize aer_err_info before using it (git-fixes).
- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
- PCI: Explicitly put devices into D0 when initializing (git-fixes).
- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
- pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
- PM: sleep: Print PM debug messages during hibernation (git-fixes).
- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- power: reset: at91-reset: Optimize at91_reset() (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug (git-fixes)
- Refresh fixes for cBPF issue (bsc#1242778)
- regulator: ad5398: Add device tree support (stable-fixes).
- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
- regulator: max20086: Change enable gpio to optional (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- regulator: max20086: Fix MAX200086 chip id (git-fixes).
- Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes).
- Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable-fixes).
- Revert "drm/amd: Keep display off while going into S4" (git-fixes).
- Revert "drm/amd: Stop evicting resources on APUs in suspend" (stable-fixes).
- Revert "rndis_host: Flag RNDIS modems as WWAN devices" (git-fixes).
- Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rtc: at91rm9200: drop unused module alias (git-fixes).
- rtc: cpcap: drop unused module alias (git-fixes).
- rtc: da9063: drop unused module alias (git-fixes).
- rtc: ds1307: stop disabling alarms on probe (stable-fixes).
- rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
- rtc: jz4740: drop unused module alias (git-fixes).
- rtc: pm8xxx: drop unused module alias (git-fixes).
- rtc: rv3032: fix EERD location (stable-fixes).
- rtc: s3c: drop unused module alias (git-fixes).
- rtc: sh: assign correct interrupts with DT (git-fixes).
- rtc: stm32: drop unused module alias (git-fixes).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
- s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
- s390/pci: Serialize device addition and removal (bsc#1244145).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: Improve CDL control (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).
- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
- serial: sh-sci: Save and restore more registers (git-fixes).
- serial: sh-sci: Update the suspend/resume support (stable-fixes).
- smb3: fix Open files on server counter going negative (git-fixes).
- smb: client: allow more DFS referrals to be cached (git-fixes).
- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).
- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).
- smb: client: do not retry DFS targets on server shutdown (git-fixes).
- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).
- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).
- smb: client: fix DFS interlink failover (git-fixes).
- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).
- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).
- smb: client: fix potential race in cifs_put_tcon() (git-fixes).
- smb: client: fix return value of parse_dfs_referrals() (git-fixes).
- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).
- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).
- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).
- smb: client: improve purging of cached referrals (git-fixes).
- smb: client: introduce av_for_each_entry() helper (git-fixes).
- smb: client: optimize referral walk on failed link targets (git-fixes).
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).
- smb: client: parse DNS domain name from domain= option (git-fixes).
- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).
- smb: client: refresh referral without acquiring refpath_lock (git-fixes).
- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).
- smb: client: Use str_yes_no() helper function (git-fixes).
- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
- spi: bcm63xx-hsspi: fix shared reset (git-fixes).
- spi: bcm63xx-spi: fix shared reset (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi-rockchip: Fix register out of bounds access (stable-fixes).
- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: spi-sun4i: fix early activation (stable-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
- spi: tegra210-quad: remove redundant error handling code (git-fixes).
- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
- thunderbolt: Fix a logic error in wake on connect (git-fixes).
- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
- usb: usbtmc: Fix timeout value in get_stb (git-fixes).
- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
- watchdog: exar: Shorten identity name to fit correctly (git-fixes).
- wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath11k: fix ring-buffer corruption (git-fixes).
- wifi: ath11k: fix rx completion meta data corruption (git-fixes).
- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
- wifi: ath12k: fix cleanup path after mhi init (git-fixes).
- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
- wifi: ath12k: fix invalid access to memory (git-fixes).
- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
- wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
- wifi: ath12k: fix ring-buffer corruption (git-fixes).
- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
- wifi: ath9k: return by of_get_mac_address (stable-fixes).
- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
- wifi: iwlwifi: fix debug actions order (stable-fixes).
- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
- wifi: mt76: mt7996: revise TXS size (stable-fixes).
- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
- wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's "next" indication (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
Patchnames
SUSE-SLE-Micro-6.1-kernel-40
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n- CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).\n\nThe following non-security bugs were fixed:\n\n- accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).\n- ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).\n- ACPICA: Utilities: Fix spelling mistake \"Incremement\" -\u003e \"Increment\" (git-fixes).\n- acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).\n- ACPI: HED: Always initialize before evged (stable-fixes).\n- ACPI: OSI: Stop advertising support for \"3.0 _SCP Extensions\" (git-fixes).\n- ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).\n- ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).\n- ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: seq: Improve data consistency at polling (stable-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).\n- ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).\n- ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).\n- ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).\n- ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).\n- ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).\n- ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).\n- ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).\n- ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).\n- ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).\n- ASoC: ops: Enforce platform maximum on initial value (stable-fixes).\n- ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).\n- ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).\n- ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).\n- ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Adjust pipeline_list-\u003epipelines allocation type (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).\n- ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).\n- ASoC: tas2764: Enable main IRQs (git-fixes).\n- ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).\n- ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).\n- ASoC: tas2764: Reinit cache on part reset (git-fixes).\n- backlight: pm8941: Add NULL check in wled_configure() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).\n- bus: fsl-mc: fix double-free on mc_dev (git-fixes).\n- bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).\n- bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: change tcon status when need_reconnect is set on it (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: lrw - Only add ecb if it is not already there (git-fixes).\n- crypto: lzo - Fix compression buffer overrun (stable-fixes).\n- crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).\n- crypto: marvell/cesa - Do not chain submitted requests (git-fixes).\n- crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).\n- crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).\n- crypto: qat - add shutdown handler to qat_420xx (git-fixes).\n- crypto: qat - add shutdown handler to qat_4xxx (git-fixes).\n- crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).\n- crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).\n- crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).\n- crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).\n- crypto: xts - Only add ecb if it is not already there (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dlm: mask sk_shutdown value (bsc#1228854).\n- dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: Revert \"dmaengine: dmatest: Fix dmatest waiting less when interrupted\" (git-fixes).\n- dmaengine: ti: Add NULL check in udma_probe() (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- Documentation: fix typo in root= kernel parameter description (git-fixes).\n- Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes).\n- Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes).\n- Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- drm: Add valid clones check (stable-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).\n- drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).\n- drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).\n- drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).\n- drm/amd/display: Increase block_sequence array size (stable-fixes).\n- drm/amd/display: Initial psr_version with correct setting (stable-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).\n- drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).\n- drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).\n- drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).\n- drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: reset psp-\u003ecmd to NULL after releasing the buffer (stable-fixes).\n- drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdgpu: Update SRIOV video codec caps (stable-fixes).\n- drm/amdkfd: KFD release_work possible circular locking (stable-fixes).\n- drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).\n- drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).\n- drm/ast: Find VBIOS mode from regular display size (stable-fixes).\n- drm/ast: Fix comment on modeset lock (git-fixes).\n- drm/atomic: clarify the rules around drm_atomic_state-\u003eallow_modeset (stable-fixes).\n- drm: bridge: adv7511: fill stream capabilities (stable-fixes).\n- drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).\n- drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).\n- drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).\n- drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).\n- drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).\n- drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).\n- drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).\n- drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).\n- drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).\n- drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).\n- drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).\n- drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).\n- drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).\n- drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).\n- drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).\n- drm/tegra: Assign plane type before registration (git-fixes).\n- drm/tegra: Fix a possible null pointer dereference (git-fixes).\n- drm/tegra: rgb: Fix the unbound reference count (git-fixes).\n- drm/udl: Unregister device before cleaning up on disconnect (git-fixes).\n- drm/v3d: Add clock handling (stable-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/vc4: tests: Use return instead of assert (git-fixes).\n- drm/vkms: Adjust vkms_state-\u003eactive_planes allocation type (git-fixes).\n- drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).\n- Drop AMDGPU patch that may cause regressions (bsc#1243782)\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).\n- fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).\n- fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).\n- fbdev/efifb: Remove PM for parent device (bsc#1244261).\n- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).\n- fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).\n- firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).\n- firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).\n- firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).\n- firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).\n- Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- fpga: altera-cvp: Increase credit timeout (stable-fixes).\n- gpiolib: Revert \"Do not WARN on gpiod_put() for optional GPIO\" (stable-fixes).\n- gpio: pca953x: fix IRQ storm on system wake up (git-fixes).\n- gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).\n- gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).\n- HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).\n- hwmon: (dell-smm) Increment the number of fans (stable-fixes).\n- hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).\n- hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: pxa: fix call balance of i2c-\u003eclk handling routines (stable-fixes).\n- i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).\n- i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).\n- i3c: master: svc: Fix missing STOP for master request (stable-fixes).\n- i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).\n- iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).\n- iio: adc: ad7606_spi: fix reg write value mask (git-fixes).\n- iio: filter: admv8818: fix band 4, state 15 (git-fixes).\n- iio: filter: admv8818: fix integer overflow (git-fixes).\n- iio: filter: admv8818: fix range calculation (git-fixes).\n- iio: filter: admv8818: Support frequencies \u003e= 2^32 (git-fixes).\n- iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).\n- ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).\n- Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add more controllers (stable-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- intel_th: avoid using deprecated page-\u003emapping, index fields (stable-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes). Both spellings are actually used\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).\n- jffs2: check that raw node were preallocated before writing summary (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI workaround for hda_codec.beep_just_power_on flag (git-fixes).\n- kernel-obs-qa: Use srchash for dependency as well\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).\n- media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).\n- media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).\n- media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).\n- media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).\n- media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).\n- media: cx231xx: set device_caps for 417 (stable-fixes).\n- media: cxusb: no longer judge rbuf when the write fails (git-fixes).\n- media: davinci: vpif: Fix memory leak in probe error path (git-fixes).\n- media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).\n- media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).\n- media: imx-jpeg: Cleanup after an allocation error (git-fixes).\n- media: imx-jpeg: Drop the first error frames (git-fixes).\n- media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).\n- media: imx-jpeg: Reset slot data pointers when freed (git-fixes).\n- media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).\n- media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).\n- media: ov5675: suppress probe deferral errors (git-fixes).\n- media: ov8856: suppress probe deferral errors (git-fixes).\n- media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).\n- media: rkvdec: Fix frame size enumeration (git-fixes).\n- media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).\n- media: test-drivers: vivid: do not call schedule in loop (stable-fixes).\n- media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).\n- media: uvcvideo: Fix deferred probing error (git-fixes).\n- media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).\n- media: uvcvideo: Return the number of processed controls (git-fixes).\n- media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).\n- media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).\n- media: venus: Fix probe error handling (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).\n- media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).\n- media: vivid: Change the siize of the composing (git-fixes).\n- mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).\n- mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).\n- mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).\n- mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).\n- mmc: host: Wait for Vdd to settle on card power off (stable-fixes).\n- mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).\n- mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).\n- mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net: phy: clear phydev-\u003edevlink when the link is deleted (git-fixes).\n- net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).\n- net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).\n- net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: usb: aqc111: debug info before sanitation (git-fixes).\n- net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).\n- net: wwan: t7xx: Fix napi rx poll issue (git-fixes).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).\n- NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- padata: do not leak refcount in reorder_work (git-fixes).\n- PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).\n- PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).\n- PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).\n- PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).\n- PCI: cadence: Fix runtime atomic count underflow (git-fixes).\n- PCI/DPC: Initialize aer_err_info before using it (git-fixes).\n- PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).\n- PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).\n- PCI: Explicitly put devices into D0 when initializing (git-fixes).\n- PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).\n- PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).\n- PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).\n- phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).\n- pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs \u003e 31 (git-fixes).\n- pinctrl: at91: Fix possible out-of-boundary access (git-fixes).\n- pinctrl: bcm281xx: Use \"unsigned int\" instead of bare \"unsigned\" (stable-fixes).\n- pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).\n- pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).\n- pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).\n- pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).\n- platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).\n- platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).\n- PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).\n- PM: sleep: Print PM debug messages during hibernation (git-fixes).\n- PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- power: reset: at91-reset: Optimize at91_reset() (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- RDMA/rxe: Fix \"trying to register non-static key in rxe_qp_do_cleanup\" bug (git-fixes)\n- Refresh fixes for cBPF issue (bsc#1242778)\n- regulator: ad5398: Add device tree support (stable-fixes).\n- regulator: max14577: Add error check for max14577_read_reg() (git-fixes).\n- regulator: max20086: Change enable gpio to optional (git-fixes).\n- regulator: max20086: fix invalid memory access (git-fixes).\n- regulator: max20086: Fix MAX200086 chip id (git-fixes).\n- Revert \"bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first\" (stable-fixes).\n- Revert \"drm/amdgpu: do not allow userspace to create a doorbell BO\" (stable-fixes).\n- Revert \"drm/amd: Keep display off while going into S4\" (git-fixes).\n- Revert \"drm/amd: Stop evicting resources on APUs in suspend\" (stable-fixes).\n- Revert \"rndis_host: Flag RNDIS modems as WWAN devices\" (git-fixes).\n- Revert \"wifi: mt76: mt7996: fill txd by host driver\" (stable-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rtc: at91rm9200: drop unused module alias (git-fixes).\n- rtc: cpcap: drop unused module alias (git-fixes).\n- rtc: da9063: drop unused module alias (git-fixes).\n- rtc: ds1307: stop disabling alarms on probe (stable-fixes).\n- rtc: Fix offset calculation for .start_secs \u0026lt; 0 (git-fixes).\n- rtc: jz4740: drop unused module alias (git-fixes).\n- rtc: pm8xxx: drop unused module alias (git-fixes).\n- rtc: rv3032: fix EERD location (stable-fixes).\n- rtc: s3c: drop unused module alias (git-fixes).\n- rtc: sh: assign correct interrupts with DT (git-fixes).\n- rtc: stm32: drop unused module alias (git-fixes).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).\n- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).\n- s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).\n- s390/pci: introduce lock to synchronize state of zpci_dev\u0027s (jsc#PED-10253 bsc#1244145).\n- s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).\n- s390/pci: remove hotplug slot when releasing the device (bsc#1244145).\n- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).\n- s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).\n- s390/pci: Serialize device addition and removal (bsc#1244145).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: Improve CDL control (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- selftests/bpf: Fix bpf_nf selftest failure (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).\n- selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes).\n- selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).\n- serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).\n- serial: sh-sci: Save and restore more registers (git-fixes).\n- serial: sh-sci: Update the suspend/resume support (stable-fixes).\n- smb3: fix Open files on server counter going negative (git-fixes).\n- smb: client: allow more DFS referrals to be cached (git-fixes).\n- smb: client: avoid unnecessary reconnects when refreshing referrals (git-fixes).\n- smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes).\n- smb: client: do not retry DFS targets on server shutdown (git-fixes).\n- smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes).\n- smb: client: do not try following DFS links in cifs_tree_connect() (git-fixes).\n- smb: client: fix DFS interlink failover (git-fixes).\n- smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes).\n- smb: client: fix hang in wait_for_response() for negproto (bsc#1242709).\n- smb: client: fix potential race in cifs_put_tcon() (git-fixes).\n- smb: client: fix return value of parse_dfs_referrals() (git-fixes).\n- smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes).\n- smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes).\n- smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes).\n- smb: client: improve purging of cached referrals (git-fixes).\n- smb: client: introduce av_for_each_entry() helper (git-fixes).\n- smb: client: optimize referral walk on failed link targets (git-fixes).\n- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes).\n- smb: client: parse DNS domain name from domain= option (git-fixes).\n- smb: client: provide dns_resolve_{unc,name} helpers (git-fixes).\n- smb: client: refresh referral without acquiring refpath_lock (git-fixes).\n- smb: client: remove unnecessary checks in open_cached_dir() (git-fixes).\n- smb: client: Use str_yes_no() helper function (git-fixes).\n- soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).\n- soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).\n- soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).\n- soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).\n- soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).\n- spi: bcm63xx-hsspi: fix shared reset (git-fixes).\n- spi: bcm63xx-spi: fix shared reset (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi-rockchip: Fix register out of bounds access (stable-fixes).\n- spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: spi-sun4i: fix early activation (stable-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).\n- spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).\n- spi: tegra210-quad: remove redundant error handling code (git-fixes).\n- spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).\n- thunderbolt: Fix a logic error in wake on connect (git-fixes).\n- usb: cdnsp: Fix issue with detecting command completion event (git-fixes).\n- usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).\n- usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).\n- usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).\n- usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).\n- usb: usbtmc: Fix timeout value in get_stb (git-fixes).\n- usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).\n- vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).\n- vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).\n- watchdog: exar: Shorten identity name to fit correctly (git-fixes).\n- wifi: ath11k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath11k: fix ring-buffer corruption (git-fixes).\n- wifi: ath11k: fix rx completion meta data corruption (git-fixes).\n- wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).\n- wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).\n- wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).\n- wifi: ath12k: fix cleanup path after mhi init (git-fixes).\n- wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).\n- wifi: ath12k: fix invalid access to memory (git-fixes).\n- wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).\n- wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).\n- wifi: ath12k: fix node corruption in ar-\u003earvifs list (git-fixes).\n- wifi: ath12k: fix ring-buffer corruption (git-fixes).\n- wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).\n- wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).\n- wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).\n- wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).\n- wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).\n- wifi: ath9k: return by of_get_mac_address (stable-fixes).\n- wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).\n- wifi: iwlwifi: add support for Killer on MTL (stable-fixes).\n- wifi: iwlwifi: fix debug actions order (stable-fixes).\n- wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).\n- wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).\n- wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).\n- wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).\n- wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).\n- wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).\n- wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).\n- wifi: mt76: mt7996: revise TXS size (stable-fixes).\n- wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).\n- wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).\n- wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).\n- wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).\n- wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).\n- wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).\n- wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).\n- wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).\n- wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (git-fixes).\n- wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).\n- wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).\n- wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).\n- wifi: rtw89: add wiphy_lock() to work that isn\u0027t held wiphy_lock() yet (stable-fixes).\n- wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).\n- wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).\n- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes).\n- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).\n- x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).\n- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \"next\" indication (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-40",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20419-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20419-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520419-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20419-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040396.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220112",
"url": "https://bugzilla.suse.com/1220112"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1228557",
"url": "https://bugzilla.suse.com/1228557"
},
{
"category": "self",
"summary": "SUSE Bug 1228854",
"url": "https://bugzilla.suse.com/1228854"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235968",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240823",
"url": "https://bugzilla.suse.com/1240823"
},
{
"category": "self",
"summary": "SUSE Bug 1240866",
"url": "https://bugzilla.suse.com/1240866"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241340",
"url": "https://bugzilla.suse.com/1241340"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241457",
"url": "https://bugzilla.suse.com/1241457"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241519",
"url": "https://bugzilla.suse.com/1241519"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241538",
"url": "https://bugzilla.suse.com/1241538"
},
{
"category": "self",
"summary": "SUSE Bug 1241576",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241595",
"url": "https://bugzilla.suse.com/1241595"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241625",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241635",
"url": "https://bugzilla.suse.com/1241635"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241644",
"url": "https://bugzilla.suse.com/1241644"
},
{
"category": "self",
"summary": "SUSE Bug 1241654",
"url": "https://bugzilla.suse.com/1241654"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242035",
"url": "https://bugzilla.suse.com/1242035"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242163",
"url": "https://bugzilla.suse.com/1242163"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242501",
"url": "https://bugzilla.suse.com/1242501"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242512",
"url": "https://bugzilla.suse.com/1242512"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242514",
"url": "https://bugzilla.suse.com/1242514"
},
{
"category": "self",
"summary": "SUSE Bug 1242520",
"url": "https://bugzilla.suse.com/1242520"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242524",
"url": "https://bugzilla.suse.com/1242524"
},
{
"category": "self",
"summary": "SUSE Bug 1242529",
"url": "https://bugzilla.suse.com/1242529"
},
{
"category": "self",
"summary": "SUSE Bug 1242530",
"url": "https://bugzilla.suse.com/1242530"
},
{
"category": "self",
"summary": "SUSE Bug 1242531",
"url": "https://bugzilla.suse.com/1242531"
},
{
"category": "self",
"summary": "SUSE Bug 1242532",
"url": "https://bugzilla.suse.com/1242532"
},
{
"category": "self",
"summary": "SUSE Bug 1242559",
"url": "https://bugzilla.suse.com/1242559"
},
{
"category": "self",
"summary": "SUSE Bug 1242563",
"url": "https://bugzilla.suse.com/1242563"
},
{
"category": "self",
"summary": "SUSE Bug 1242564",
"url": "https://bugzilla.suse.com/1242564"
},
{
"category": "self",
"summary": "SUSE Bug 1242565",
"url": "https://bugzilla.suse.com/1242565"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242567",
"url": "https://bugzilla.suse.com/1242567"
},
{
"category": "self",
"summary": "SUSE Bug 1242568",
"url": "https://bugzilla.suse.com/1242568"
},
{
"category": "self",
"summary": "SUSE Bug 1242569",
"url": "https://bugzilla.suse.com/1242569"
},
{
"category": "self",
"summary": "SUSE Bug 1242574",
"url": "https://bugzilla.suse.com/1242574"
},
{
"category": "self",
"summary": "SUSE Bug 1242575",
"url": "https://bugzilla.suse.com/1242575"
},
{
"category": "self",
"summary": "SUSE Bug 1242578",
"url": "https://bugzilla.suse.com/1242578"
},
{
"category": "self",
"summary": "SUSE Bug 1242584",
"url": "https://bugzilla.suse.com/1242584"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242587",
"url": "https://bugzilla.suse.com/1242587"
},
{
"category": "self",
"summary": "SUSE Bug 1242591",
"url": "https://bugzilla.suse.com/1242591"
},
{
"category": "self",
"summary": "SUSE Bug 1242709",
"url": "https://bugzilla.suse.com/1242709"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242758",
"url": "https://bugzilla.suse.com/1242758"
},
{
"category": "self",
"summary": "SUSE Bug 1242760",
"url": "https://bugzilla.suse.com/1242760"
},
{
"category": "self",
"summary": "SUSE Bug 1242761",
"url": "https://bugzilla.suse.com/1242761"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242764",
"url": "https://bugzilla.suse.com/1242764"
},
{
"category": "self",
"summary": "SUSE Bug 1242766",
"url": "https://bugzilla.suse.com/1242766"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242781",
"url": "https://bugzilla.suse.com/1242781"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242785",
"url": "https://bugzilla.suse.com/1242785"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242849",
"url": "https://bugzilla.suse.com/1242849"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242871",
"url": "https://bugzilla.suse.com/1242871"
},
{
"category": "self",
"summary": "SUSE Bug 1242873",
"url": "https://bugzilla.suse.com/1242873"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242906",
"url": "https://bugzilla.suse.com/1242906"
},
{
"category": "self",
"summary": "SUSE Bug 1242908",
"url": "https://bugzilla.suse.com/1242908"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242930",
"url": "https://bugzilla.suse.com/1242930"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242945",
"url": "https://bugzilla.suse.com/1242945"
},
{
"category": "self",
"summary": "SUSE Bug 1242948",
"url": "https://bugzilla.suse.com/1242948"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242953",
"url": "https://bugzilla.suse.com/1242953"
},
{
"category": "self",
"summary": "SUSE Bug 1242955",
"url": "https://bugzilla.suse.com/1242955"
},
{
"category": "self",
"summary": "SUSE Bug 1242957",
"url": "https://bugzilla.suse.com/1242957"
},
{
"category": "self",
"summary": "SUSE Bug 1242959",
"url": "https://bugzilla.suse.com/1242959"
},
{
"category": "self",
"summary": "SUSE Bug 1242961",
"url": "https://bugzilla.suse.com/1242961"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242973",
"url": "https://bugzilla.suse.com/1242973"
},
{
"category": "self",
"summary": "SUSE Bug 1242974",
"url": "https://bugzilla.suse.com/1242974"
},
{
"category": "self",
"summary": "SUSE Bug 1242977",
"url": "https://bugzilla.suse.com/1242977"
},
{
"category": "self",
"summary": "SUSE Bug 1242990",
"url": "https://bugzilla.suse.com/1242990"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243000",
"url": "https://bugzilla.suse.com/1243000"
},
{
"category": "self",
"summary": "SUSE Bug 1243006",
"url": "https://bugzilla.suse.com/1243006"
},
{
"category": "self",
"summary": "SUSE Bug 1243011",
"url": "https://bugzilla.suse.com/1243011"
},
{
"category": "self",
"summary": "SUSE Bug 1243015",
"url": "https://bugzilla.suse.com/1243015"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243049",
"url": "https://bugzilla.suse.com/1243049"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243076",
"url": "https://bugzilla.suse.com/1243076"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243082",
"url": "https://bugzilla.suse.com/1243082"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243456",
"url": "https://bugzilla.suse.com/1243456"
},
{
"category": "self",
"summary": "SUSE Bug 1243469",
"url": "https://bugzilla.suse.com/1243469"
},
{
"category": "self",
"summary": "SUSE Bug 1243470",
"url": "https://bugzilla.suse.com/1243470"
},
{
"category": "self",
"summary": "SUSE Bug 1243471",
"url": "https://bugzilla.suse.com/1243471"
},
{
"category": "self",
"summary": "SUSE Bug 1243472",
"url": "https://bugzilla.suse.com/1243472"
},
{
"category": "self",
"summary": "SUSE Bug 1243473",
"url": "https://bugzilla.suse.com/1243473"
},
{
"category": "self",
"summary": "SUSE Bug 1243476",
"url": "https://bugzilla.suse.com/1243476"
},
{
"category": "self",
"summary": "SUSE Bug 1243509",
"url": "https://bugzilla.suse.com/1243509"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243513",
"url": "https://bugzilla.suse.com/1243513"
},
{
"category": "self",
"summary": "SUSE Bug 1243515",
"url": "https://bugzilla.suse.com/1243515"
},
{
"category": "self",
"summary": "SUSE Bug 1243516",
"url": "https://bugzilla.suse.com/1243516"
},
{
"category": "self",
"summary": "SUSE Bug 1243517",
"url": "https://bugzilla.suse.com/1243517"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243522",
"url": "https://bugzilla.suse.com/1243522"
},
{
"category": "self",
"summary": "SUSE Bug 1243524",
"url": "https://bugzilla.suse.com/1243524"
},
{
"category": "self",
"summary": "SUSE Bug 1243528",
"url": "https://bugzilla.suse.com/1243528"
},
{
"category": "self",
"summary": "SUSE Bug 1243529",
"url": "https://bugzilla.suse.com/1243529"
},
{
"category": "self",
"summary": "SUSE Bug 1243530",
"url": "https://bugzilla.suse.com/1243530"
},
{
"category": "self",
"summary": "SUSE Bug 1243534",
"url": "https://bugzilla.suse.com/1243534"
},
{
"category": "self",
"summary": "SUSE Bug 1243536",
"url": "https://bugzilla.suse.com/1243536"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243540",
"url": "https://bugzilla.suse.com/1243540"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243545",
"url": "https://bugzilla.suse.com/1243545"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243559",
"url": "https://bugzilla.suse.com/1243559"
},
{
"category": "self",
"summary": "SUSE Bug 1243560",
"url": "https://bugzilla.suse.com/1243560"
},
{
"category": "self",
"summary": "SUSE Bug 1243562",
"url": "https://bugzilla.suse.com/1243562"
},
{
"category": "self",
"summary": "SUSE Bug 1243567",
"url": "https://bugzilla.suse.com/1243567"
},
{
"category": "self",
"summary": "SUSE Bug 1243573",
"url": "https://bugzilla.suse.com/1243573"
},
{
"category": "self",
"summary": "SUSE Bug 1243574",
"url": "https://bugzilla.suse.com/1243574"
},
{
"category": "self",
"summary": "SUSE Bug 1243575",
"url": "https://bugzilla.suse.com/1243575"
},
{
"category": "self",
"summary": "SUSE Bug 1243589",
"url": "https://bugzilla.suse.com/1243589"
},
{
"category": "self",
"summary": "SUSE Bug 1243621",
"url": "https://bugzilla.suse.com/1243621"
},
{
"category": "self",
"summary": "SUSE Bug 1243624",
"url": "https://bugzilla.suse.com/1243624"
},
{
"category": "self",
"summary": "SUSE Bug 1243625",
"url": "https://bugzilla.suse.com/1243625"
},
{
"category": "self",
"summary": "SUSE Bug 1243626",
"url": "https://bugzilla.suse.com/1243626"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243659",
"url": "https://bugzilla.suse.com/1243659"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243664",
"url": "https://bugzilla.suse.com/1243664"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243782",
"url": "https://bugzilla.suse.com/1243782"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE Bug 1244145",
"url": "https://bugzilla.suse.com/1244145"
},
{
"category": "self",
"summary": "SUSE Bug 1244261",
"url": "https://bugzilla.suse.com/1244261"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52888 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21629 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22066 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22089 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22095 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22124 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23142 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23144 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23146 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23147 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23148 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23149 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23151 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23157 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23158 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23159 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37740 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37769 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37771 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37788 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37800 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37805 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37839 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37840 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37849 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37897 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37900 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37901 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37903 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37929 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37944 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37954 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37959 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37983 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37990 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38240 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-15T12:06:46Z",
"generator": {
"date": "2025-06-15T12:06:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20419-1",
"initial_release_date": "2025-06-15T12:06:46Z",
"revision_history": [
{
"date": "2025-06-15T12:06:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-30.1.aarch64",
"product_id": "kernel-default-6.4.0-30.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"product_id": "kernel-default-base-6.4.0-30.1.21.8.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-30.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-30.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-30.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-30.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-30.1.noarch",
"product_id": "kernel-devel-6.4.0-30.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-30.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-30.1.noarch",
"product_id": "kernel-macros-6.4.0-30.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-30.1.noarch",
"product": {
"name": "kernel-source-6.4.0-30.1.noarch",
"product_id": "kernel-source-6.4.0-30.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-30.1.ppc64le",
"product_id": "kernel-default-6.4.0-30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"product_id": "kernel-default-base-6.4.0-30.1.21.8.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-30.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-30.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-30.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.s390x",
"product": {
"name": "kernel-default-6.4.0-30.1.s390x",
"product_id": "kernel-default-6.4.0-30.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-30.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-30.1.s390x",
"product_id": "kernel-default-devel-6.4.0-30.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-30.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-30.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-30.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-30.1.x86_64",
"product_id": "kernel-default-6.4.0-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"product_id": "kernel-default-base-6.4.0-30.1.21.8.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-30.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-30.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x"
},
"product_reference": "kernel-default-6.4.0-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-30.1.21.8.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-30.1.21.8.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-30.1.21.8.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-30.1.21.8.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-30.1.21.8.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-30.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-30.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-30.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-30.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-30.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-30.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-30.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
},
"product_reference": "kernel-source-6.4.0-30.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Only free buffer VA that is not NULL\n\nIn the MediaTek vcodec driver, while mtk_vcodec_mem_free() is mostly\ncalled only when the buffer to free exists, there are some instances\nthat didn\u0027t do the check and triggered warnings in practice.\n\nWe believe those checks were forgotten unintentionally. Add the checks\nback to fix the warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52888",
"url": "https://www.suse.com/security/cve/CVE-2023-52888"
},
{
"category": "external",
"summary": "SUSE Bug 1228557 for CVE-2023-52888",
"url": "https://bugzilla.suse.com/1228557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-52888"
},
{
"cve": "CVE-2023-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()\n\nIn dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach dw2102_i2c_transfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 950e252cb469\n(\"[media] dw2102: limit messages to buffer size\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53146",
"url": "https://www.suse.com/security/cve/CVE-2023-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1220112 for CVE-2023-53146",
"url": "https://bugzilla.suse.com/1220112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53146"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-58098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: track changes_pkt_data property for global functions\n\nWhen processing calls to certain helpers, verifier invalidates all\npacket pointers in a current state. For example, consider the\nfollowing program:\n\n __attribute__((__noinline__))\n long skb_pull_data(struct __sk_buff *sk, __u32 len)\n {\n return bpf_skb_pull_data(sk, len);\n }\n\n SEC(\"tc\")\n int test_invalidate_checks(struct __sk_buff *sk)\n {\n int *p = (void *)(long)sk-\u003edata;\n if ((void *)(p + 1) \u003e (void *)(long)sk-\u003edata_end) return TCX_DROP;\n skb_pull_data(sk, 0);\n *p = 42;\n return TCX_PASS;\n }\n\nAfter a call to bpf_skb_pull_data() the pointer \u0027p\u0027 can\u0027t be used\nsafely. See function filter.c:bpf_helper_changes_pkt_data() for a list\nof such helpers.\n\nAt the moment verifier invalidates packet pointers when processing\nhelper function calls, and does not traverse global sub-programs when\nprocessing calls to global sub-programs. This means that calls to\nhelpers done from global sub-programs do not invalidate pointers in\nthe caller state. E.g. the program above is unsafe, but is not\nrejected by verifier.\n\nThis commit fixes the omission by computing field\nbpf_subprog_info-\u003echanges_pkt_data for each sub-program before main\nverification pass.\nchanges_pkt_data should be set if:\n- subprogram calls helper for which bpf_helper_changes_pkt_data\n returns true;\n- subprogram calls a global function,\n for which bpf_subprog_info-\u003echanges_pkt_data should be set.\n\nThe verifier.c:check_cfg() pass is modified to compute this\ninformation. The commit relies on depth first instruction traversal\ndone by check_cfg() and absence of recursive function calls:\n- check_cfg() would eventually visit every call to subprogram S in a\n state when S is fully explored;\n- when S is fully explored:\n - every direct helper call within S is explored\n (and thus changes_pkt_data is set if needed);\n - every call to subprogram S1 called by S was visited with S1 fully\n explored (and thus S inherits changes_pkt_data from S1).\n\nThe downside of such approach is that dead code elimination is not\ntaken into account: if a helper call inside global function is dead\nbecause of current configuration, verifier would conservatively assume\nthat the call occurs for the purpose of the changes_pkt_data\ncomputation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58098",
"url": "https://www.suse.com/security/cve/CVE-2024-58098"
},
{
"category": "external",
"summary": "SUSE Bug 1242565 for CVE-2024-58098",
"url": "https://bugzilla.suse.com/1242565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-58098"
},
{
"cve": "CVE-2024-58099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame\n\nAndrew and Nikolay reported connectivity issues with Cilium\u0027s service\nload-balancing in case of vmxnet3.\n\nIf a BPF program for native XDP adds an encapsulation header such as\nIPIP and transmits the packet out the same interface, then in case\nof vmxnet3 a corrupted packet is being sent and subsequently dropped\non the path.\n\nvmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp()\nthrough vmxnet3_xdp_xmit_back() calculates an incorrect DMA address:\n\n page = virt_to_page(xdpf-\u003edata);\n tbi-\u003edma_addr = page_pool_get_dma_addr(page) +\n VMXNET3_XDP_HEADROOM;\n dma_sync_single_for_device(\u0026adapter-\u003epdev-\u003edev,\n tbi-\u003edma_addr, buf_size,\n DMA_TO_DEVICE);\n\nThe above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP\nBPF program could have moved xdp-\u003edata. While the passed buf_size is\ncorrect (xdpf-\u003elen), the dma_addr needs to have a dynamic offset which\ncan be calculated as xdpf-\u003edata - (void *)xdpf, that is, xdp-\u003edata -\nxdp-\u003edata_hard_start.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58099",
"url": "https://www.suse.com/security/cve/CVE-2024-58099"
},
{
"category": "external",
"summary": "SUSE Bug 1242035 for CVE-2024-58099",
"url": "https://bugzilla.suse.com/1242035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-58099"
},
{
"cve": "CVE-2024-58100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n - this flag is set in check_cfg() for main sub-program;\n - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n because it needs changes_pkt_data flag to be set:\n\n bpf_check:\n ... ...\n - check_attach_btf_id resolve_pseudo_ldimm64\n resolve_pseudo_ldimm64 --\u003e bpf_prog_is_offloaded\n bpf_prog_is_offloaded check_cfg\n check_cfg + check_attach_btf_id\n ... ...\n\nThe following fields are set by check_attach_btf_id():\n- env-\u003eops\n- prog-\u003eaux-\u003eattach_btf_trace\n- prog-\u003eaux-\u003eattach_func_name\n- prog-\u003eaux-\u003eattach_func_proto\n- prog-\u003eaux-\u003edst_trampoline\n- prog-\u003eaux-\u003emod\n- prog-\u003eaux-\u003esaved_dst_attach_type\n- prog-\u003eaux-\u003esaved_dst_prog_type\n- prog-\u003eexpected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58100",
"url": "https://www.suse.com/security/cve/CVE-2024-58100"
},
{
"category": "external",
"summary": "SUSE Bug 1242564 for CVE-2024-58100",
"url": "https://bugzilla.suse.com/1242564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-58100"
},
{
"cve": "CVE-2024-58237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: consider that tail calls invalidate packet pointers\n\nTail-called programs could execute any of the helpers that invalidate\npacket pointers. Hence, conservatively assume that each tail call\ninvalidates packet pointers.\n\nMaking the change in bpf_helper_changes_pkt_data() automatically makes\nuse of check_cfg() logic that computes \u0027changes_pkt_data\u0027 effect for\nglobal sub-programs, such that the following program could be\nrejected:\n\n int tail_call(struct __sk_buff *sk)\n {\n \tbpf_tail_call_static(sk, \u0026jmp_table, 0);\n \treturn 0;\n }\n\n SEC(\"tc\")\n int not_safe(struct __sk_buff *sk)\n {\n \tint *p = (void *)(long)sk-\u003edata;\n \t... make p valid ...\n \ttail_call(sk);\n \t*p = 42; /* this is unsafe */\n \t...\n }\n\nThe tc_bpf2bpf.c:subprog_tc() needs change: mark it as a function that\ncan invalidate packet pointers. Otherwise, it can\u0027t be freplaced with\ntailcall_freplace.c:entry_freplace() that does a tail call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58237",
"url": "https://www.suse.com/security/cve/CVE-2024-58237"
},
{
"category": "external",
"summary": "SUSE Bug 1242574 for CVE-2024-58237",
"url": "https://bugzilla.suse.com/1242574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-58237"
},
{
"cve": "CVE-2025-21629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n * * - %NETIF_F_IPV6_CSUM\n * - Driver (device) is only able to checksum plain\n * TCP or UDP packets over IPv6. These are specifically\n * unencapsulated packets of the form IPv6|TCP or\n * IPv6|UDP where the Next Header field in the IPv6\n * header is either TCP or UDP. IPv6 extension headers\n * are not supported with this feature. This feature\n * cannot be set in features for a device with\n * NETIF_F_HW_CSUM also set. This feature is being\n * DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[ 496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[ 496.310297] ? skb_warn_bad_offload+0xc4/0xe0\n[ 496.310300] skb_checksum_help+0x129/0x1f0\n[ 496.310303] skb_csum_hwoffload_help+0x150/0x1b0\n[ 496.310306] validate_xmit_skb+0x159/0x270\n[ 496.310309] validate_xmit_skb_list+0x41/0x70\n[ 496.310312] sch_direct_xmit+0x5c/0x250\n[ 496.310317] __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21629",
"url": "https://www.suse.com/security/cve/CVE-2025-21629"
},
{
"category": "external",
"summary": "SUSE Bug 1235968 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1235968"
},
{
"category": "external",
"summary": "SUSE Bug 1244722 for CVE-2025-21629",
"url": "https://bugzilla.suse.com/1244722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "important"
}
],
"title": "CVE-2025-21629"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix an integer overflow in xp_create_and_assign_umem()\n\nSince the i and pool-\u003echunk_size variables are of type \u0027u32\u0027,\ntheir product can wrap around and then be cast to \u0027u64\u0027.\nThis can lead to two different XDP buffers pointing to the same\nmemory area.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21997",
"url": "https://www.suse.com/security/cve/CVE-2025-21997"
},
{
"category": "external",
"summary": "SUSE Bug 1240823 for CVE-2025-21997",
"url": "https://bugzilla.suse.com/1240823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-21997"
},
{
"cve": "CVE-2025-22005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22005",
"url": "https://www.suse.com/security/cve/CVE-2025-22005"
},
{
"category": "external",
"summary": "SUSE Bug 1240866 for CVE-2025-22005",
"url": "https://bugzilla.suse.com/1240866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: imx-card: Add NULL check in imx_card_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\nimx_card_probe() does not check for this case, which results in a NULL\npointer dereference.\n\nAdd NULL check after devm_kasprintf() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22066",
"url": "https://www.suse.com/security/cve/CVE-2025-22066"
},
{
"category": "external",
"summary": "SUSE Bug 1241340 for CVE-2025-22066",
"url": "https://bugzilla.suse.com/1241340"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22066"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Don\u0027t expose hw_counters outside of init net namespace\n\nCommit 467f432a521a (\"RDMA/core: Split port and device counter sysfs\nattributes\") accidentally almost exposed hw counters to non-init net\nnamespaces. It didn\u0027t expose them fully, as an attempt to read any of\nthose counters leads to a crash like this one:\n\n[42021.807566] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[42021.814463] #PF: supervisor read access in kernel mode\n[42021.819549] #PF: error_code(0x0000) - not-present page\n[42021.824636] PGD 0 P4D 0\n[42021.827145] Oops: 0000 [#1] SMP PTI\n[42021.830598] CPU: 82 PID: 2843922 Comm: switchto-defaul Kdump: loaded Tainted: G S W I XXX\n[42021.841697] Hardware name: XXX\n[42021.849619] RIP: 0010:hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.855362] Code: 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 49 89 d0 4c 8b 5e 20 48 8b 8f b8 04 00 00 48 81 c7 f0 fa ff ff \u003c48\u003e 8b 41 28 48 29 ce 48 83 c6 d0 48 c1 ee 04 69 d6 ab aa aa aa 48\n[42021.873931] RSP: 0018:ffff97fe90f03da0 EFLAGS: 00010287\n[42021.879108] RAX: ffff9406988a8c60 RBX: ffff940e1072d438 RCX: 0000000000000000\n[42021.886169] RDX: ffff94085f1aa000 RSI: ffff93c6cbbdbcb0 RDI: ffff940c7517aef0\n[42021.893230] RBP: ffff97fe90f03e70 R08: ffff94085f1aa000 R09: 0000000000000000\n[42021.900294] R10: ffff94085f1aa000 R11: ffffffffc0775680 R12: ffffffff87ca2530\n[42021.907355] R13: ffff940651602840 R14: ffff93c6cbbdbcb0 R15: ffff94085f1aa000\n[42021.914418] FS: 00007fda1a3b9700(0000) GS:ffff94453fb80000(0000) knlGS:0000000000000000\n[42021.922423] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[42021.928130] CR2: 0000000000000028 CR3: 00000042dcfb8003 CR4: 00000000003726f0\n[42021.935194] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[42021.942257] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[42021.949324] Call Trace:\n[42021.951756] \u003cTASK\u003e\n[42021.953842] [\u003cffffffff86c58674\u003e] ? show_regs+0x64/0x70\n[42021.959030] [\u003cffffffff86c58468\u003e] ? __die+0x78/0xc0\n[42021.963874] [\u003cffffffff86c9ef75\u003e] ? page_fault_oops+0x2b5/0x3b0\n[42021.969749] [\u003cffffffff87674b92\u003e] ? exc_page_fault+0x1a2/0x3c0\n[42021.975549] [\u003cffffffff87801326\u003e] ? asm_exc_page_fault+0x26/0x30\n[42021.981517] [\u003cffffffffc0775680\u003e] ? __pfx_show_hw_stats+0x10/0x10 [ib_core]\n[42021.988482] [\u003cffffffffc077564e\u003e] ? hw_stat_device_show+0x1e/0x40 [ib_core]\n[42021.995438] [\u003cffffffff86ac7f8e\u003e] dev_attr_show+0x1e/0x50\n[42022.000803] [\u003cffffffff86a3eeb1\u003e] sysfs_kf_seq_show+0x81/0xe0\n[42022.006508] [\u003cffffffff86a11134\u003e] seq_read_iter+0xf4/0x410\n[42022.011954] [\u003cffffffff869f4b2e\u003e] vfs_read+0x16e/0x2f0\n[42022.017058] [\u003cffffffff869f50ee\u003e] ksys_read+0x6e/0xe0\n[42022.022073] [\u003cffffffff8766f1ca\u003e] do_syscall_64+0x6a/0xa0\n[42022.027441] [\u003cffffffff8780013b\u003e] entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe problem can be reproduced using the following steps:\n ip netns add foo\n ip netns exec foo bash\n cat /sys/class/infiniband/mlx4_0/hw_counters/*\n\nThe panic occurs because of casting the device pointer into an\nib_device pointer using container_of() in hw_stat_device_show() is\nwrong and leads to a memory corruption.\n\nHowever the real problem is that hw counters should never been exposed\noutside of the non-init net namespace.\n\nFix this by saving the index of the corresponding attribute group\n(it might be 1 or 2 depending on the presence of driver-specific\nattributes) and zeroing the pointer to hw_counters group for compat\ndevices during the initialization.\n\nWith this fix applied hw_counters are not available in a non-init\nnet namespace:\n find /sys/class/infiniband/mlx4_0/ -name hw_counters\n /sys/class/infiniband/mlx4_0/ports/1/hw_counters\n /sys/class/infiniband/mlx4_0/ports/2/hw_counters\n /sys/class/infiniband/mlx4_0/hw_counters\n\n ip netns add foo\n ip netns exec foo bash\n find /sys/class/infiniband/mlx4_0/ -name hw_counters",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22089",
"url": "https://www.suse.com/security/cve/CVE-2025-22089"
},
{
"category": "external",
"summary": "SUSE Bug 1241538 for CVE-2025-22089",
"url": "https://bugzilla.suse.com/1241538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22089"
},
{
"cve": "CVE-2025-22095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22095",
"url": "https://www.suse.com/security/cve/CVE-2025-22095"
},
{
"category": "external",
"summary": "SUSE Bug 1241519 for CVE-2025-22095",
"url": "https://bugzilla.suse.com/1241519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: init wiphy_work before allocating rfkill fails\n\nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]\n\nAfter rfkill allocation fails, the wiphy release process will be performed,\nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work\nrelated data.\n\nMove the initialization of wiphy_work to before rfkill initialization to\navoid this issue.\n\n[1]\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n assign_lock_key kernel/locking/lockdep.c:983 [inline]\n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297\n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103\n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162\n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196\n device_release+0xa1/0x240 drivers/base/core.c:2568\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1e4/0x5a0 lib/kobject.c:737\n put_device+0x1f/0x30 drivers/base/core.c:3774\n wiphy_free net/wireless/core.c:1224 [inline]\n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562\n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835\n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185\n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg net/socket.c:733 [inline]\n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627\n __sys_sendmsg+0x16e/0x220 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n\nClose: https://syzkaller.appspot.com/bug?extid=aaf0488c83d1d5f4f029",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22119",
"url": "https://www.suse.com/security/cve/CVE-2025-22119"
},
{
"category": "external",
"summary": "SUSE Bug 1241576 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241576"
},
{
"category": "external",
"summary": "SUSE Bug 1241577 for CVE-2025-22119",
"url": "https://bugzilla.suse.com/1241577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "important"
}
],
"title": "CVE-2025-22119"
},
{
"cve": "CVE-2025-22124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: fix wrong bitmap_limit for clustermd when write sb\n\nIn clustermd, separate write-intent-bitmaps are used for each cluster\nnode:\n\n0 4k 8k 12k\n-------------------------------------------------------------------\n| idle | md super | bm super [0] + bits |\n| bm bits[0, contd] | bm super[1] + bits | bm bits[1, contd] |\n| bm super[2] + bits | bm bits [2, contd] | bm super[3] + bits |\n| bm bits [3, contd] | | |\n\nSo in node 1, pg_index in __write_sb_page() could equal to\nbitmap-\u003estorage.file_pages. Then bitmap_limit will be calculated to\n0. md_super_write() will be called with 0 size.\nThat means the first 4k sb area of node 1 will never be updated\nthrough filemap_write_page().\nThis bug causes hang of mdadm/clustermd_tests/01r1_Grow_resize.\n\nHere use (pg_index % bitmap-\u003estorage.file_pages) to make calculation\nof bitmap_limit correct.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22124",
"url": "https://www.suse.com/security/cve/CVE-2025-22124"
},
{
"category": "external",
"summary": "SUSE Bug 1241595 for CVE-2025-22124",
"url": "https://bugzilla.suse.com/1241595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22124"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23142",
"url": "https://www.suse.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "SUSE Bug 1242760 for CVE-2025-23142",
"url": "https://bugzilla.suse.com/1242760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23142"
},
{
"cve": "CVE-2025-23144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23144"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: led_bl: Hold led_access lock when calling led_sysfs_disable()\n\nLockdep detects the following issue on led-backlight removal:\n [ 142.315935] ------------[ cut here ]------------\n [ 142.315954] WARNING: CPU: 2 PID: 292 at drivers/leds/led-core.c:455 led_sysfs_enable+0x54/0x80\n ...\n [ 142.500725] Call trace:\n [ 142.503176] led_sysfs_enable+0x54/0x80 (P)\n [ 142.507370] led_bl_remove+0x80/0xa8 [led_bl]\n [ 142.511742] platform_remove+0x30/0x58\n [ 142.515501] device_remove+0x54/0x90\n ...\n\nIndeed, led_sysfs_enable() has to be called with the led_access\nlock held.\n\nHold the lock when calling led_sysfs_disable().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23144",
"url": "https://www.suse.com/security/cve/CVE-2025-23144"
},
{
"category": "external",
"summary": "SUSE Bug 1242568 for CVE-2025-23144",
"url": "https://bugzilla.suse.com/1242568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23144"
},
{
"cve": "CVE-2025-23146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: ene-kb3930: Fix a potential NULL pointer dereference\n\nThe off_gpios could be NULL. Add missing check in the kb3930_probe().\nThis is similar to the issue fixed in commit b1ba8bcb2d1f\n(\"backlight: hx8357: Fix potential NULL pointer dereference\").\n\nThis was detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23146",
"url": "https://www.suse.com/security/cve/CVE-2025-23146"
},
{
"category": "external",
"summary": "SUSE Bug 1242559 for CVE-2025-23146",
"url": "https://bugzilla.suse.com/1242559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23146"
},
{
"cve": "CVE-2025-23147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: Add NULL pointer check in i3c_master_queue_ibi()\n\nThe I3C master driver may receive an IBI from a target device that has not\nbeen probed yet. In such cases, the master calls `i3c_master_queue_ibi()`\nto queue an IBI work task, leading to \"Unable to handle kernel read from\nunreadable memory\" and resulting in a kernel panic.\n\nTypical IBI handling flow:\n1. The I3C master scans target devices and probes their respective drivers.\n2. The target device driver calls `i3c_device_request_ibi()` to enable IBI\n and assigns `dev-\u003eibi = ibi`.\n3. The I3C master receives an IBI from the target device and calls\n `i3c_master_queue_ibi()` to queue the target device driver\u0027s IBI\n handler task.\n\nHowever, since target device events are asynchronous to the I3C probe\nsequence, step 3 may occur before step 2, causing `dev-\u003eibi` to be `NULL`,\nleading to a kernel panic.\n\nAdd a NULL pointer check in `i3c_master_queue_ibi()` to prevent accessing\nan uninitialized `dev-\u003eibi`, ensuring stability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23147",
"url": "https://www.suse.com/security/cve/CVE-2025-23147"
},
{
"category": "external",
"summary": "SUSE Bug 1242530 for CVE-2025-23147",
"url": "https://bugzilla.suse.com/1242530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23147"
},
{
"cve": "CVE-2025-23148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()\n\nsoc_dev_attr-\u003erevision could be NULL, thus,\na pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23148",
"url": "https://www.suse.com/security/cve/CVE-2025-23148"
},
{
"category": "external",
"summary": "SUSE Bug 1242578 for CVE-2025-23148",
"url": "https://bugzilla.suse.com/1242578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23148"
},
{
"cve": "CVE-2025-23149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: do not start chip while suspended\n\nChecking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can\nlead to a spurious tpm_chip_start() call:\n\n[35985.503771] i2c i2c-1: Transfer while suspended\n[35985.503796] WARNING: CPU: 0 PID: 74 at drivers/i2c/i2c-core.h:56 __i2c_transfer+0xbe/0x810\n[35985.503802] Modules linked in:\n[35985.503808] CPU: 0 UID: 0 PID: 74 Comm: hwrng Tainted: G W 6.13.0-next-20250203-00005-gfa0cb5642941 #19 9c3d7f78192f2d38e32010ac9c90fdc71109ef6f\n[35985.503814] Tainted: [W]=WARN\n[35985.503817] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[35985.503819] RIP: 0010:__i2c_transfer+0xbe/0x810\n[35985.503825] Code: 30 01 00 00 4c 89 f7 e8 40 fe d8 ff 48 8b 93 80 01 00 00 48 85 d2 75 03 49 8b 16 48 c7 c7 0a fb 7c a7 48 89 c6 e8 32 ad b0 fe \u003c0f\u003e 0b b8 94 ff ff ff e9 33 04 00 00 be 02 00 00 00 83 fd 02 0f 5\n[35985.503828] RSP: 0018:ffffa106c0333d30 EFLAGS: 00010246\n[35985.503833] RAX: 074ba64aa20f7000 RBX: ffff8aa4c1167120 RCX: 0000000000000000\n[35985.503836] RDX: 0000000000000000 RSI: ffffffffa77ab0e4 RDI: 0000000000000001\n[35985.503838] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\n[35985.503841] R10: 0000000000000004 R11: 00000001000313d5 R12: ffff8aa4c10f1820\n[35985.503843] R13: ffff8aa4c0e243c0 R14: ffff8aa4c1167250 R15: ffff8aa4c1167120\n[35985.503846] FS: 0000000000000000(0000) GS:ffff8aa4eae00000(0000) knlGS:0000000000000000\n[35985.503849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[35985.503852] CR2: 00007fab0aaf1000 CR3: 0000000105328000 CR4: 00000000003506f0\n[35985.503855] Call Trace:\n[35985.503859] \u003cTASK\u003e\n[35985.503863] ? __warn+0xd4/0x260\n[35985.503868] ? __i2c_transfer+0xbe/0x810\n[35985.503874] ? report_bug+0xf3/0x210\n[35985.503882] ? handle_bug+0x63/0xb0\n[35985.503887] ? exc_invalid_op+0x16/0x50\n[35985.503892] ? asm_exc_invalid_op+0x16/0x20\n[35985.503904] ? __i2c_transfer+0xbe/0x810\n[35985.503913] tpm_cr50_i2c_transfer_message+0x24/0xf0\n[35985.503920] tpm_cr50_i2c_read+0x8e/0x120\n[35985.503928] tpm_cr50_request_locality+0x75/0x170\n[35985.503935] tpm_chip_start+0x116/0x160\n[35985.503942] tpm_try_get_ops+0x57/0x90\n[35985.503948] tpm_find_get_ops+0x26/0xd0\n[35985.503955] tpm_get_random+0x2d/0x80\n\nDon\u0027t move forward with tpm_chip_start() inside tpm_try_get_ops(), unless\nTPM_CHIP_FLAG_SUSPENDED is not set. tpm_find_get_ops() will return NULL in\nsuch a failure case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23149",
"url": "https://www.suse.com/security/cve/CVE-2025-23149"
},
{
"category": "external",
"summary": "SUSE Bug 1242758 for CVE-2025-23149",
"url": "https://bugzilla.suse.com/1242758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23149"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Fix race between unprepare and queue_buf\n\nA client driver may use mhi_unprepare_from_transfer() to quiesce\nincoming data during the client driver\u0027s tear down. The client driver\nmight also be processing data at the same time, resulting in a call to\nmhi_queue_buf() which will invoke mhi_gen_tre(). If mhi_gen_tre() runs\nafter mhi_unprepare_from_transfer() has torn down the channel, a panic\nwill occur due to an invalid dereference leading to a page fault.\n\nThis occurs because mhi_gen_tre() does not verify the channel state\nafter locking it. Fix this by having mhi_gen_tre() confirm the channel\nstate is valid, or return error to avoid accessing deinitialized data.\n\n[mani: added stable tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23151",
"url": "https://www.suse.com/security/cve/CVE-2025-23151"
},
{
"category": "external",
"summary": "SUSE Bug 1242512 for CVE-2025-23151",
"url": "https://bugzilla.suse.com/1242512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23151"
},
{
"cve": "CVE-2025-23156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: refactor hfi packet parsing logic\n\nwords_count denotes the number of words in total payload, while data\npoints to payload of various property within it. When words_count\nreaches last word, data can access memory beyond the total payload. This\ncan lead to OOB access. With this patch, the utility api for handling\nindividual properties now returns the size of data consumed. Accordingly\nremaining bytes are calculated before parsing the payload, thereby\neliminates the OOB access possibilities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23156",
"url": "https://www.suse.com/security/cve/CVE-2025-23156"
},
{
"category": "external",
"summary": "SUSE Bug 1242569 for CVE-2025-23156",
"url": "https://bugzilla.suse.com/1242569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23156"
},
{
"cve": "CVE-2025-23157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi_parser: add check to avoid out of bound access\n\nThere is a possibility that init_codecs is invoked multiple times during\nmanipulated payload from video firmware. In such case, if codecs_count\ncan get incremented to value more than MAX_CODEC_NUM, there can be OOB\naccess. Reset the count so that it always starts from beginning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23157",
"url": "https://www.suse.com/security/cve/CVE-2025-23157"
},
{
"category": "external",
"summary": "SUSE Bug 1242532 for CVE-2025-23157",
"url": "https://bugzilla.suse.com/1242532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23157"
},
{
"cve": "CVE-2025-23158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add check to handle incorrect queue size\n\nqsize represents size of shared queued between driver and video\nfirmware. Firmware can modify this value to an invalid large value. In\nsuch situation, empty_space will be bigger than the space actually\navailable. Since new_wr_idx is not checked, so the following code will\nresult in an OOB write.\n...\nqsize = qhdr-\u003eq_size\n\nif (wr_idx \u003e= rd_idx)\n empty_space = qsize - (wr_idx - rd_idx)\n....\nif (new_wr_idx \u003c qsize) {\n memcpy(wr_ptr, packet, dwords \u003c\u003c 2) --\u003e OOB write\n\nAdd check to ensure qsize is within the allocated size while\nreading and writing packets into the queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23158",
"url": "https://www.suse.com/security/cve/CVE-2025-23158"
},
{
"category": "external",
"summary": "SUSE Bug 1242531 for CVE-2025-23158",
"url": "https://bugzilla.suse.com/1242531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23158"
},
{
"cve": "CVE-2025-23159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: hfi: add a check to handle OOB in sfr region\n\nsfr-\u003ebuf_size is in shared memory and can be modified by malicious user.\nOOB write is possible when the size is made higher than actual sfr data\nbuffer. Cap the size to allocated size for such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23159",
"url": "https://www.suse.com/security/cve/CVE-2025-23159"
},
{
"category": "external",
"summary": "SUSE Bug 1242529 for CVE-2025-23159",
"url": "https://bugzilla.suse.com/1242529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23159"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-23161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type\n\nThe access to the PCI config space via pci_ops::read and pci_ops::write is\na low-level hardware access. The functions can be accessed with disabled\ninterrupts even on PREEMPT_RT. The pci_lock is a raw_spinlock_t for this\npurpose.\n\nA spinlock_t becomes a sleeping lock on PREEMPT_RT, so it cannot be\nacquired with disabled interrupts. The vmd_dev::cfg_lock is accessed in\nthe same context as the pci_lock.\n\nMake vmd_dev::cfg_lock a raw_spinlock_t type so it can be used with\ninterrupts disabled.\n\nThis was reported as:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n Call Trace:\n rt_spin_lock+0x4e/0x130\n vmd_pci_read+0x8d/0x100 [vmd]\n pci_user_read_config_byte+0x6f/0xe0\n pci_read_config+0xfe/0x290\n sysfs_kf_bin_read+0x68/0x90\n\n[bigeasy: reword commit message]\nTested-off-by: Luis Claudio R. Goncalves \u003clgoncalv@redhat.com\u003e\n[kwilczynski: commit log]\n[bhelgaas: add back report info from\nhttps://lore.kernel.org/lkml/20241218115951.83062-1-ryotkkr98@gmail.com/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23161",
"url": "https://www.suse.com/security/cve/CVE-2025-23161"
},
{
"category": "external",
"summary": "SUSE Bug 1242792 for CVE-2025-23161",
"url": "https://bugzilla.suse.com/1242792"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23161"
},
{
"cve": "CVE-2025-37740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add sanity check for agwidth in dbMount\n\nThe width in dmapctl of the AG is zero, it trigger a divide error when\ncalculating the control page level in dbAllocAG.\n\nTo avoid this issue, add a check for agwidth in dbAllocAG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37740",
"url": "https://www.suse.com/security/cve/CVE-2025-37740"
},
{
"category": "external",
"summary": "SUSE Bug 1243006 for CVE-2025-37740",
"url": "https://bugzilla.suse.com/1243006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37740"
},
{
"cve": "CVE-2025-37741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Prevent copying of nlink with value 0 from disk inode\n\nsyzbot report a deadlock in diFree. [1]\n\nWhen calling \"ioctl$LOOP_SET_STATUS64\", the offset value passed in is 4,\nwhich does not match the mounted loop device, causing the mapping of the\nmounted loop device to be invalidated.\n\nWhen creating the directory and creating the inode of iag in diReadSpecial(),\nread the page of fixed disk inode (AIT) in raw mode in read_metapage(), the\nmetapage data it returns is corrupted, which causes the nlink value of 0 to be\nassigned to the iag inode when executing copy_from_dinode(), which ultimately\ncauses a deadlock when entering diFree().\n\nTo avoid this, first check the nlink value of dinode before setting iag inode.\n\n[1]\nWARNING: possible recursive locking detected\n6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0 Not tainted\n--------------------------------------------\nsyz-executor301/5309 is trying to acquire lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n\nbut task is already holding lock:\nffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026(imap-\u003eim_aglock[index]));\n lock(\u0026(imap-\u003eim_aglock[index]));\n\n *** DEADLOCK ***\n\n May be due to missing lock nesting notation\n\n5 locks held by syz-executor301/5309:\n #0: ffff8880422a4420 (sb_writers#9){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90 fs/namespace.c:515\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:850 [inline]\n #1: ffff88804755b390 (\u0026type-\u003ei_mutex_dir_key#6/1){+.+.}-{3:3}, at: filename_create+0x260/0x540 fs/namei.c:4026\n #2: ffff888044548920 (\u0026(imap-\u003eim_aglock[index])){+.+.}-{3:3}, at: diAlloc+0x1b6/0x1630\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2460 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #3: ffff888044548890 (\u0026imap-\u003eim_freelock){+.+.}-{3:3}, at: diAllocAG+0x4b7/0x1e50 fs/jfs/jfs_imap.c:1669\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diNewIAG fs/jfs/jfs_imap.c:2477 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n #4: ffff88804755a618 (\u0026jfs_ip-\u003erdwrlock/1){++++}-{3:3}, at: diAllocAG+0x869/0x1e50 fs/jfs/jfs_imap.c:1669\n\nstack backtrace:\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor301 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_deadlock_bug+0x483/0x620 kernel/locking/lockdep.c:3037\n check_deadlock kernel/locking/lockdep.c:3089 [inline]\n validate_chain+0x15e2/0x5920 kernel/locking/lockdep.c:3891\n __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __mutex_lock_common kernel/locking/mutex.c:608 [inline]\n __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752\n diFree+0x37c/0x2fb0 fs/jfs/jfs_imap.c:889\n jfs_evict_inode+0x32d/0x440 fs/jfs/inode.c:156\n evict+0x4e8/0x9b0 fs/inode.c:725\n diFreeSpecial fs/jfs/jfs_imap.c:552 [inline]\n duplicateIXtree+0x3c6/0x550 fs/jfs/jfs_imap.c:3022\n diNewIAG fs/jfs/jfs_imap.c:2597 [inline]\n diAllocExt fs/jfs/jfs_imap.c:1905 [inline]\n diAllocAG+0x17dc/0x1e50 fs/jfs/jfs_imap.c:1669\n diAlloc+0x1d2/0x1630 fs/jfs/jfs_imap.c:1590\n ialloc+0x8f/0x900 fs/jfs/jfs_inode.c:56\n jfs_mkdir+0x1c5/0xba0 fs/jfs/namei.c:225\n vfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\n do_mkdirat+0x264/0x3a0 fs/namei.c:4280\n __do_sys_mkdirat fs/namei.c:4295 [inline]\n __se_sys_mkdirat fs/namei.c:4293 [inline]\n __x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\n do_syscall_x64 arch/x86/en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37741",
"url": "https://www.suse.com/security/cve/CVE-2025-37741"
},
{
"category": "external",
"summary": "SUSE Bug 1243015 for CVE-2025-37741",
"url": "https://bugzilla.suse.com/1243015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37741"
},
{
"cve": "CVE-2025-37742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of imap allocated in the diMount() function\n\nsyzbot reports that hex_dump_to_buffer is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in hex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nhex_dump_to_buffer+0x888/0x1100 lib/hexdump.c:171\nprint_hex_dump+0x13d/0x3e0 lib/hexdump.c:276\ndiFree+0x5ba/0x4350 fs/jfs/jfs_imap.c:876\njfs_evict_inode+0x510/0x550 fs/jfs/inode.c:156\nevict+0x723/0xd10 fs/inode.c:796\niput_final fs/inode.c:1946 [inline]\niput+0x97b/0xdb0 fs/inode.c:1972\ntxUpdateMap+0xf3e/0x1150 fs/jfs/jfs_txnmgr.c:2367\ntxLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline]\njfs_lazycommit+0x627/0x11d0 fs/jfs/jfs_txnmgr.c:2733\nkthread+0x6b9/0xef0 kernel/kthread.c:464\nret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:148\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nUninit was created at:\nslab_post_alloc_hook mm/slub.c:4121 [inline]\nslab_alloc_node mm/slub.c:4164 [inline]\n__kmalloc_cache_noprof+0x8e3/0xdf0 mm/slub.c:4320\nkmalloc_noprof include/linux/slab.h:901 [inline]\ndiMount+0x61/0x7f0 fs/jfs/jfs_imap.c:105\njfs_mount+0xa8e/0x11d0 fs/jfs/jfs_mount.c:176\njfs_fill_super+0xa47/0x17c0 fs/jfs/super.c:523\nget_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636\nget_tree_bdev+0x37/0x50 fs/super.c:1659\njfs_get_tree+0x34/0x40 fs/jfs/super.c:635\nvfs_get_tree+0xb1/0x5a0 fs/super.c:1814\ndo_new_mount+0x71f/0x15e0 fs/namespace.c:3560\npath_mount+0x742/0x1f10 fs/namespace.c:3887\ndo_mount fs/namespace.c:3900 [inline]\n__do_sys_mount fs/namespace.c:4111 [inline]\n__se_sys_mount+0x71f/0x800 fs/namespace.c:4088\n__x64_sys_mount+0xe4/0x150 fs/namespace.c:4088\nx64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n=====================================================\n\nThe reason is that imap is not properly initialized after memory\nallocation. It will cause the snprintf() function to write uninitialized\ndata into linebuf within hex_dump_to_buffer().\n\nFix this by using kzalloc instead of kmalloc to clear its content at the\nbeginning in diMount().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37742",
"url": "https://www.suse.com/security/cve/CVE-2025-37742"
},
{
"category": "external",
"summary": "SUSE Bug 1243011 for CVE-2025-37742",
"url": "https://bugzilla.suse.com/1243011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 1.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37742"
},
{
"cve": "CVE-2025-37743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Avoid memory leak while enabling statistics\n\nDriver uses monitor destination rings for extended statistics mode and\nstandalone monitor mode. In extended statistics mode, TLVs are parsed from\nthe buffer received from the monitor destination ring and assigned to the\nppdu_info structure to update per-packet statistics. In standalone monitor\nmode, along with per-packet statistics, the packet data (payload) is\ncaptured, and the driver updates per MSDU to mac80211.\n\nWhen the AP interface is enabled, only extended statistics mode is\nactivated. As part of enabling monitor rings for collecting statistics,\nthe driver subscribes to HAL_RX_MPDU_START TLV in the filter\nconfiguration. This TLV is received from the monitor destination ring, and\nkzalloc for the mon_mpdu object occurs, which is not freed, leading to a\nmemory leak. The kzalloc for the mon_mpdu object is only required while\nenabling the standalone monitor interface. This causes a memory leak while\nenabling extended statistics mode in the driver.\n\nFix this memory leak by removing the kzalloc for the mon_mpdu object in\nthe HAL_RX_MPDU_START TLV handling. Additionally, remove the standalone\nmonitor mode handlings in the HAL_MON_BUF_ADDR and HAL_RX_MSDU_END TLVs.\nThese TLV tags will be handled properly when enabling standalone monitor\nmode in the future.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37743",
"url": "https://www.suse.com/security/cve/CVE-2025-37743"
},
{
"category": "external",
"summary": "SUSE Bug 1242163 for CVE-2025-37743",
"url": "https://bugzilla.suse.com/1242163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37743"
},
{
"cve": "CVE-2025-37747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix hang while freeing sigtrap event\n\nPerf can hang while freeing a sigtrap event if a related deferred\nsignal hadn\u0027t managed to be sent before the file got closed:\n\nperf_event_overflow()\n task_work_add(perf_pending_task)\n\nfput()\n task_work_add(____fput())\n\ntask_work_run()\n ____fput()\n perf_release()\n perf_event_release_kernel()\n _free_event()\n perf_pending_task_sync()\n task_work_cancel() -\u003e FAILED\n rcuwait_wait_event()\n\nOnce task_work_run() is running, the list of pending callbacks is\nremoved from the task_struct and from this point on task_work_cancel()\ncan\u0027t remove any pending and not yet started work items, hence the\ntask_work_cancel() failure and the hang on rcuwait_wait_event().\n\nTask work could be changed to remove one work at a time, so a work\nrunning on the current task can always cancel a pending one, however\nthe wait / wake design is still subject to inverted dependencies when\nremote targets are involved, as pictured by Oleg:\n\nT1 T2\n\nfd = perf_event_open(pid =\u003e T2-\u003epid); fd = perf_event_open(pid =\u003e T1-\u003epid);\nclose(fd) close(fd)\n \u003cIRQ\u003e \u003cIRQ\u003e\n perf_event_overflow() perf_event_overflow()\n task_work_add(perf_pending_task) task_work_add(perf_pending_task)\n \u003c/IRQ\u003e \u003c/IRQ\u003e\n fput() fput()\n task_work_add(____fput()) task_work_add(____fput())\n\n task_work_run() task_work_run()\n ____fput() ____fput()\n perf_release() perf_release()\n perf_event_release_kernel() perf_event_release_kernel()\n _free_event() _free_event()\n perf_pending_task_sync() perf_pending_task_sync()\n rcuwait_wait_event() rcuwait_wait_event()\n\nTherefore the only option left is to acquire the event reference count\nupon queueing the perf task work and release it from the task work, just\nlike it was done before 3a5465418f5f (\"perf: Fix event leak upon exec and file release\")\nbut without the leaks it fixed.\n\nSome adjustments are necessary to make it work:\n\n* A child event might dereference its parent upon freeing. Care must be\n taken to release the parent last.\n\n* Some places assuming the event doesn\u0027t have any reference held and\n therefore can be freed right away must instead put the reference and\n let the reference counting to its job.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37747",
"url": "https://www.suse.com/security/cve/CVE-2025-37747"
},
{
"category": "external",
"summary": "SUSE Bug 1242520 for CVE-2025-37747",
"url": "https://bugzilla.suse.com/1242520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37747"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u003e\u003e p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/huc: Fix fence not released on early probe errors\n\nHuC delayed loading fence, introduced with commit 27536e03271da\n(\"drm/i915/huc: track delayed HuC load with a fence\"), is registered with\nobject tracker early on driver probe but unregistered only from driver\nremove, which is not called on early probe errors. Since its memory is\nallocated under devres, then released anyway, it may happen to be\nallocated again to the fence and reused on future driver probes, resulting\nin kernel warnings that taint the kernel:\n\n\u003c4\u003e [309.731371] ------------[ cut here ]------------\n\u003c3\u003e [309.731373] ODEBUG: init destroyed (active state 0) object: ffff88813d7dd2e0 object type: i915_sw_fence hint: sw_fence_dummy_notify+0x0/0x20 [i915]\n\u003c4\u003e [309.731575] WARNING: CPU: 2 PID: 3161 at lib/debugobjects.c:612 debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731693] CPU: 2 UID: 0 PID: 3161 Comm: i915_module_loa Tainted: G U 6.14.0-CI_DRM_16362-gf0fd77956987+ #1\n...\n\u003c4\u003e [309.731700] RIP: 0010:debug_print_object+0x93/0xf0\n...\n\u003c4\u003e [309.731728] Call Trace:\n\u003c4\u003e [309.731730] \u003cTASK\u003e\n...\n\u003c4\u003e [309.731949] __debug_object_init+0x17b/0x1c0\n\u003c4\u003e [309.731957] debug_object_init+0x34/0x50\n\u003c4\u003e [309.732126] __i915_sw_fence_init+0x34/0x60 [i915]\n\u003c4\u003e [309.732256] intel_huc_init_early+0x4b/0x1d0 [i915]\n\u003c4\u003e [309.732468] intel_uc_init_early+0x61/0x680 [i915]\n\u003c4\u003e [309.732667] intel_gt_common_init_early+0x105/0x130 [i915]\n\u003c4\u003e [309.732804] intel_root_gt_init_early+0x63/0x80 [i915]\n\u003c4\u003e [309.732938] i915_driver_probe+0x1fa/0xeb0 [i915]\n\u003c4\u003e [309.733075] i915_pci_probe+0xe6/0x220 [i915]\n\u003c4\u003e [309.733198] local_pci_probe+0x44/0xb0\n\u003c4\u003e [309.733203] pci_device_probe+0xf4/0x270\n\u003c4\u003e [309.733209] really_probe+0xee/0x3c0\n\u003c4\u003e [309.733215] __driver_probe_device+0x8c/0x180\n\u003c4\u003e [309.733219] driver_probe_device+0x24/0xd0\n\u003c4\u003e [309.733223] __driver_attach+0x10f/0x220\n\u003c4\u003e [309.733230] bus_for_each_dev+0x7d/0xe0\n\u003c4\u003e [309.733236] driver_attach+0x1e/0x30\n\u003c4\u003e [309.733239] bus_add_driver+0x151/0x290\n\u003c4\u003e [309.733244] driver_register+0x5e/0x130\n\u003c4\u003e [309.733247] __pci_register_driver+0x7d/0x90\n\u003c4\u003e [309.733251] i915_pci_register_driver+0x23/0x30 [i915]\n\u003c4\u003e [309.733413] i915_init+0x34/0x120 [i915]\n\u003c4\u003e [309.733655] do_one_initcall+0x62/0x3f0\n\u003c4\u003e [309.733667] do_init_module+0x97/0x2a0\n\u003c4\u003e [309.733671] load_module+0x25ff/0x2890\n\u003c4\u003e [309.733688] init_module_from_file+0x97/0xe0\n\u003c4\u003e [309.733701] idempotent_init_module+0x118/0x330\n\u003c4\u003e [309.733711] __x64_sys_finit_module+0x77/0x100\n\u003c4\u003e [309.733715] x64_sys_call+0x1f37/0x2650\n\u003c4\u003e [309.733719] do_syscall_64+0x91/0x180\n\u003c4\u003e [309.733763] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\u003c4\u003e [309.733792] \u003c/TASK\u003e\n...\n\u003c4\u003e [309.733806] ---[ end trace 0000000000000000 ]---\n\nThat scenario is most easily reproducible with\nigt@i915_module_load@reload-with-fault-injection.\n\nFix the issue by moving the cleanup step to driver release path.\n\n(cherry picked from commit 795dbde92fe5c6996a02a5b579481de73035e7bf)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37754",
"url": "https://www.suse.com/security/cve/CVE-2025-37754"
},
{
"category": "external",
"summary": "SUSE Bug 1242524 for CVE-2025-37754",
"url": "https://bugzilla.suse.com/1242524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37754"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()\n\ndevm_ioremap() returns NULL on error. Currently, pxa_ata_probe() does\nnot check for this case, which can result in a NULL pointer dereference.\n\nAdd NULL check after devm_ioremap() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37758",
"url": "https://www.suse.com/security/cve/CVE-2025-37758"
},
{
"category": "external",
"summary": "SUSE Bug 1242514 for CVE-2025-37758",
"url": "https://bugzilla.suse.com/1242514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37758"
},
{
"cve": "CVE-2025-37765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: prime: fix ttm_bo_delayed_delete oops\n\nFix an oops in ttm_bo_delayed_delete which results from dererencing a\ndangling pointer:\n\nOops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP\nCPU: 4 UID: 0 PID: 1082 Comm: kworker/u65:2 Not tainted 6.14.0-rc4-00267-g505460b44513-dirty #216\nHardware name: LENOVO 82N6/LNVNB161216, BIOS GKCN65WW 01/16/2024\nWorkqueue: ttm ttm_bo_delayed_delete [ttm]\nRIP: 0010:dma_resv_iter_first_unlocked+0x55/0x290\nCode: 31 f6 48 c7 c7 00 2b fa aa e8 97 bd 52 ff e8 a2 c1 53 00 5a 85 c0 74 48 e9 88 01 00 00 4c 89 63 20 4d 85 e4 0f 84 30 01 00 00 \u003c41\u003e 8b 44 24 10 c6 43 2c 01 48 89 df 89 43 28 e8 97 fd ff ff 4c 8b\nRSP: 0018:ffffbf9383473d60 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: ffffbf9383473d88 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffbf9383473d78 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 6b6b6b6b6b6b6b6b\nR13: ffffa003bbf78580 R14: ffffa003a6728040 R15: 00000000000383cc\nFS: 0000000000000000(0000) GS:ffffa00991c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000758348024dd0 CR3: 000000012c259000 CR4: 0000000000f50ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x26\n ? die_addr+0x3d/0x70\n ? exc_general_protection+0x159/0x460\n ? asm_exc_general_protection+0x27/0x30\n ? dma_resv_iter_first_unlocked+0x55/0x290\n dma_resv_wait_timeout+0x56/0x100\n ttm_bo_delayed_delete+0x69/0xb0 [ttm]\n process_one_work+0x217/0x5c0\n worker_thread+0x1c8/0x3d0\n ? apply_wqattrs_cleanup.part.0+0xc0/0xc0\n kthread+0x10b/0x240\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork+0x40/0x70\n ? kthreads_online_cpu+0x140/0x140\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe cause of this is:\n\n- drm_prime_gem_destroy calls dma_buf_put(dma_buf) which releases the\n reference to the shared dma_buf. The reference count is 0, so the\n dma_buf is destroyed, which in turn decrements the corresponding\n amdgpu_bo reference count to 0, and the amdgpu_bo is destroyed -\n calling drm_gem_object_release then dma_resv_fini (which destroys the\n reservation object), then finally freeing the amdgpu_bo.\n\n- nouveau_bo obj-\u003ebo.base.resv is now a dangling pointer to the memory\n formerly allocated to the amdgpu_bo.\n\n- nouveau_gem_object_del calls ttm_bo_put(\u0026nvbo-\u003ebo) which calls\n ttm_bo_release, which schedules ttm_bo_delayed_delete.\n\n- ttm_bo_delayed_delete runs and dereferences the dangling resv pointer,\n resulting in a general protection fault.\n\nFix this by moving the drm_prime_gem_destroy call from\nnouveau_gem_object_del to nouveau_bo_del_ttm. This ensures that it will\nbe run after ttm_bo_delayed_delete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37765",
"url": "https://www.suse.com/security/cve/CVE-2025-37765"
},
{
"category": "external",
"summary": "SUSE Bug 1242761 for CVE-2025-37765",
"url": "https://bugzilla.suse.com/1242761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37765"
},
{
"cve": "CVE-2025-37766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37766",
"url": "https://www.suse.com/security/cve/CVE-2025-37766"
},
{
"category": "external",
"summary": "SUSE Bug 1242785 for CVE-2025-37766",
"url": "https://bugzilla.suse.com/1242785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37766"
},
{
"cve": "CVE-2025-37767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37767",
"url": "https://www.suse.com/security/cve/CVE-2025-37767"
},
{
"category": "external",
"summary": "SUSE Bug 1242501 for CVE-2025-37767",
"url": "https://bugzilla.suse.com/1242501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37767"
},
{
"cve": "CVE-2025-37768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37768",
"url": "https://www.suse.com/security/cve/CVE-2025-37768"
},
{
"category": "external",
"summary": "SUSE Bug 1242567 for CVE-2025-37768",
"url": "https://bugzilla.suse.com/1242567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37768"
},
{
"cve": "CVE-2025-37769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm/smu11: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n(cherry picked from commit da7dc714a8f8e1c9fc33c57cd63583779a3bef71)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37769",
"url": "https://www.suse.com/security/cve/CVE-2025-37769"
},
{
"category": "external",
"summary": "SUSE Bug 1242587 for CVE-2025-37769",
"url": "https://bugzilla.suse.com/1242587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37769"
},
{
"cve": "CVE-2025-37770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37770",
"url": "https://www.suse.com/security/cve/CVE-2025-37770"
},
{
"category": "external",
"summary": "SUSE Bug 1242764 for CVE-2025-37770",
"url": "https://bugzilla.suse.com/1242764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37770"
},
{
"cve": "CVE-2025-37771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Prevent division by zero\n\nThe user can set any speed value.\nIf speed is greater than UINT_MAX/8, division by zero is possible.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37771",
"url": "https://www.suse.com/security/cve/CVE-2025-37771"
},
{
"category": "external",
"summary": "SUSE Bug 1242781 for CVE-2025-37771",
"url": "https://bugzilla.suse.com/1242781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37771"
},
{
"cve": "CVE-2025-37772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix workqueue crash in cma_netevent_work_handler\n\nstruct rdma_cm_id has member \"struct work_struct net_work\"\nthat is reused for enqueuing cma_netevent_work_handler()s\nonto cma_wq.\n\nBelow crash[1] can occur if more than one call to\ncma_netevent_callback() occurs in quick succession,\nwhich further enqueues cma_netevent_work_handler()s for the\nsame rdma_cm_id, overwriting any previously queued work-item(s)\nthat was just scheduled to run i.e. there is no guarantee\nthe queued work item may run between two successive calls\nto cma_netevent_callback() and the 2nd INIT_WORK would overwrite\nthe 1st work item (for the same rdma_cm_id), despite grabbing\nid_table_lock during enqueue.\n\nAlso drgn analysis [2] indicates the work item was likely overwritten.\n\nFix this by moving the INIT_WORK() to __rdma_create_id(),\nso that it doesn\u0027t race with any existing queue_work() or\nits worker thread.\n\n[1] Trimmed crash stack:\n=============================================\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nkworker/u256:6 ... 6.12.0-0...\nWorkqueue: cma_netevent_work_handler [rdma_cm] (rdma_cm)\nRIP: 0010:process_one_work+0xba/0x31a\nCall Trace:\n worker_thread+0x266/0x3a0\n kthread+0xcf/0x100\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1a/0x30\n=============================================\n\n[2] drgn crash analysis:\n\n\u003e\u003e\u003e trace = prog.crashed_thread().stack_trace()\n\u003e\u003e\u003e trace\n(0) crash_setup_regs (./arch/x86/include/asm/kexec.h:111:15)\n(1) __crash_kexec (kernel/crash_core.c:122:4)\n(2) panic (kernel/panic.c:399:3)\n(3) oops_end (arch/x86/kernel/dumpstack.c:382:3)\n...\n(8) process_one_work (kernel/workqueue.c:3168:2)\n(9) process_scheduled_works (kernel/workqueue.c:3310:3)\n(10) worker_thread (kernel/workqueue.c:3391:4)\n(11) kthread (kernel/kthread.c:389:9)\n\nLine workqueue.c:3168 for this kernel version is in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n\n\u003e\u003e\u003e trace[8][\"work\"]\n*(struct work_struct *)0xffff92577d0a21d8 = {\n\t.data = (atomic_long_t){\n\t\t.counter = (s64)536870912, \u003c=== Note\n\t},\n\t.entry = (struct list_head){\n\t\t.next = (struct list_head *)0xffff924d075924c0,\n\t\t.prev = (struct list_head *)0xffff924d075924c0,\n\t},\n\t.func = (work_func_t)cma_netevent_work_handler+0x0 = 0xffffffffc2cec280,\n}\n\nSuspicion is that pwq is NULL:\n\u003e\u003e\u003e trace[8][\"pwq\"]\n(struct pool_workqueue *)\u003cabsent\u003e\n\nIn process_one_work(), pwq is assigned from:\nstruct pool_workqueue *pwq = get_work_pwq(work);\n\nand get_work_pwq() is:\nstatic struct pool_workqueue *get_work_pwq(struct work_struct *work)\n{\n \tunsigned long data = atomic_long_read(\u0026work-\u003edata);\n\n \tif (data \u0026 WORK_STRUCT_PWQ)\n \t\treturn work_struct_pwq(data);\n \telse\n \t\treturn NULL;\n}\n\nWORK_STRUCT_PWQ is 0x4:\n\u003e\u003e\u003e print(repr(prog[\u0027WORK_STRUCT_PWQ\u0027]))\nObject(prog, \u0027enum work_flags\u0027, value=4)\n\nBut work-\u003edata is 536870912 which is 0x20000000.\nSo, get_work_pwq() returns NULL and we crash in process_one_work():\n3168\tstrscpy(worker-\u003edesc, pwq-\u003ewq-\u003ename, WORKER_DESC_LEN);\n=============================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37772",
"url": "https://www.suse.com/security/cve/CVE-2025-37772"
},
{
"category": "external",
"summary": "SUSE Bug 1242563 for CVE-2025-37772",
"url": "https://bugzilla.suse.com/1242563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37772"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: cros-ec-tunnel: defer probe if parent EC is not present\n\nWhen i2c-cros-ec-tunnel and the EC driver are built-in, the EC parent\ndevice will not be found, leading to NULL pointer dereference.\n\nThat can also be reproduced by unbinding the controller driver and then\nloading i2c-cros-ec-tunnel module (or binding the device).\n\n[ 271.991245] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 271.998215] #PF: supervisor read access in kernel mode\n[ 272.003351] #PF: error_code(0x0000) - not-present page\n[ 272.008485] PGD 0 P4D 0\n[ 272.011022] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 272.015207] CPU: 0 UID: 0 PID: 3859 Comm: insmod Tainted: G S 6.15.0-rc1-00004-g44722359ed83 #30 PREEMPT(full) 3c7fb39a552e7d949de2ad921a7d6588d3a4fdc5\n[ 272.030312] Tainted: [S]=CPU_OUT_OF_SPEC\n[ 272.034233] Hardware name: HP Berknip/Berknip, BIOS Google_Berknip.13434.356.0 05/17/2021\n[ 272.042400] RIP: 0010:ec_i2c_probe+0x2b/0x1c0 [i2c_cros_ec_tunnel]\n[ 272.048577] Code: 1f 44 00 00 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05 06 a0 6c e7 48 89 44 24 08 4c 8d 7f 10 48 8b 47 50 4c 8b 60 78 \u003c49\u003e 83 7c 24 58 00 0f 84 2f 01 00 00 48 89 fb be 30 06 00 00 4c 9\n[ 272.067317] RSP: 0018:ffffa32082a03940 EFLAGS: 00010282\n[ 272.072541] RAX: ffff969580b6a810 RBX: ffff969580b68c10 RCX: 0000000000000000\n[ 272.079672] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff969580b68c00\n[ 272.086804] RBP: 00000000fffffdfb R08: 0000000000000000 R09: 0000000000000000\n[ 272.093936] R10: 0000000000000000 R11: ffffffffc0600000 R12: 0000000000000000\n[ 272.101067] R13: ffffffffa666fbb8 R14: ffffffffc05b5528 R15: ffff969580b68c10\n[ 272.108198] FS: 00007b930906fc40(0000) GS:ffff969603149000(0000) knlGS:0000000000000000\n[ 272.116282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 272.122024] CR2: 0000000000000058 CR3: 000000012631c000 CR4: 00000000003506f0\n[ 272.129155] Call Trace:\n[ 272.131606] \u003cTASK\u003e\n[ 272.133709] ? acpi_dev_pm_attach+0xdd/0x110\n[ 272.137985] platform_probe+0x69/0xa0\n[ 272.141652] really_probe+0x152/0x310\n[ 272.145318] __driver_probe_device+0x77/0x110\n[ 272.149678] driver_probe_device+0x1e/0x190\n[ 272.153864] __driver_attach+0x10b/0x1e0\n[ 272.157790] ? driver_attach+0x20/0x20\n[ 272.161542] bus_for_each_dev+0x107/0x150\n[ 272.165553] bus_add_driver+0x15d/0x270\n[ 272.169392] driver_register+0x65/0x110\n[ 272.173232] ? cleanup_module+0xa80/0xa80 [i2c_cros_ec_tunnel 3a00532f3f4af4a9eade753f86b0f8dd4e4e5698]\n[ 272.182617] do_one_initcall+0x110/0x350\n[ 272.186543] ? security_kernfs_init_security+0x49/0xd0\n[ 272.191682] ? __kernfs_new_node+0x1b9/0x240\n[ 272.195954] ? security_kernfs_init_security+0x49/0xd0\n[ 272.201093] ? __kernfs_new_node+0x1b9/0x240\n[ 272.205365] ? kernfs_link_sibling+0x105/0x130\n[ 272.209810] ? kernfs_next_descendant_post+0x1c/0xa0\n[ 272.214773] ? kernfs_activate+0x57/0x70\n[ 272.218699] ? kernfs_add_one+0x118/0x160\n[ 272.222710] ? __kernfs_create_file+0x71/0xa0\n[ 272.227069] ? sysfs_add_bin_file_mode_ns+0xd6/0x110\n[ 272.232033] ? internal_create_group+0x453/0x4a0\n[ 272.236651] ? __vunmap_range_noflush+0x214/0x2d0\n[ 272.241355] ? __free_frozen_pages+0x1dc/0x420\n[ 272.245799] ? free_vmap_area_noflush+0x10a/0x1c0\n[ 272.250505] ? load_module+0x1509/0x16f0\n[ 272.254431] do_init_module+0x60/0x230\n[ 272.258181] __se_sys_finit_module+0x27a/0x370\n[ 272.262627] do_syscall_64+0x6a/0xf0\n[ 272.266206] ? do_syscall_64+0x76/0xf0\n[ 272.269956] ? irqentry_exit_to_user_mode+0x79/0x90\n[ 272.274836] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n[ 272.279887] RIP: 0033:0x7b9309168d39\n[ 272.283466] Code: 5b 41 5c 5d c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d af 40 0c 00 f7 d8 64 89 01 8\n[ 272.302210] RSP: 002b:00007fff50f1a288 EFLAGS: 00000246 ORIG_RAX: 000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37781",
"url": "https://www.suse.com/security/cve/CVE-2025-37781"
},
{
"category": "external",
"summary": "SUSE Bug 1242575 for CVE-2025-37781",
"url": "https://bugzilla.suse.com/1242575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37781"
},
{
"cve": "CVE-2025-37782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37782"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37782",
"url": "https://www.suse.com/security/cve/CVE-2025-37782"
},
{
"category": "external",
"summary": "SUSE Bug 1242770 for CVE-2025-37782",
"url": "https://bugzilla.suse.com/1242770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37782"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path\n\nIn the for loop used to allocate the loc_array and bmap for each port, a\nmemory leak is possible when the allocation for loc_array succeeds,\nbut the allocation for bmap fails. This is because when the control flow\ngoes to the label free_eth_finfo, only the allocations starting from\n(i-1)th iteration are freed.\n\nFix that by freeing the loc_array in the bmap allocation error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37788",
"url": "https://www.suse.com/security/cve/CVE-2025-37788"
},
{
"category": "external",
"summary": "SUSE Bug 1242766 for CVE-2025-37788",
"url": "https://bugzilla.suse.com/1242766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37788"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btrtl: Prevent potential NULL dereference\n\nThe btrtl_initialize() function checks that rtl_load_file() either\nhad an error or it loaded a zero length file. However, if it loaded\na zero length file then the error code is not set correctly. It\nresults in an error pointer vs NULL bug, followed by a NULL pointer\ndereference. This was detected by Smatch:\n\ndrivers/bluetooth/btrtl.c:592 btrtl_initialize() warn: passing zero to \u0027ERR_PTR\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37792",
"url": "https://www.suse.com/security/cve/CVE-2025-37792"
},
{
"category": "external",
"summary": "SUSE Bug 1242591 for CVE-2025-37792",
"url": "https://bugzilla.suse.com/1242591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37792"
},
{
"cve": "CVE-2025-37793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()\n\ndevm_kasprintf() returns NULL when memory allocation fails. Currently,\navs_component_probe() does not check for this case, which results in a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37793",
"url": "https://www.suse.com/security/cve/CVE-2025-37793"
},
{
"category": "external",
"summary": "SUSE Bug 1242584 for CVE-2025-37793",
"url": "https://bugzilla.suse.com/1242584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37793"
},
{
"cve": "CVE-2025-37794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Purge vif txq in ieee80211_do_stop()\n\nAfter ieee80211_do_stop() SKB from vif\u0027s txq could still be processed.\nIndeed another concurrent vif schedule_and_wake_txq call could cause\nthose packets to be dequeued (see ieee80211_handle_wake_tx_queue())\nwithout checking the sdata current state.\n\nBecause vif.drv_priv is now cleared in this function, this could lead to\ndriver crash.\n\nFor example in ath12k, ahvif is store in vif.drv_priv. Thus if\nath12k_mac_op_tx() is called after ieee80211_do_stop(), ahvif-\u003eah can be\nNULL, leading the ath12k_warn(ahvif-\u003eah,...) call in this function to\ntrigger the NULL deref below.\n\n Unable to handle kernel paging request at virtual address dfffffc000000001\n KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n batman_adv: bat0: Interface deactivated: brbh1337\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n [dfffffc000000001] address between user and kernel address ranges\n Internal error: Oops: 0000000096000004 [#1] SMP\n CPU: 1 UID: 0 PID: 978 Comm: lbd Not tainted 6.13.0-g633f875b8f1e #114\n Hardware name: HW (DT)\n pstate: 10000005 (nzcV daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k]\n lr : ath12k_mac_op_tx+0x174/0x29b8 [ath12k]\n sp : ffffffc086ace450\n x29: ffffffc086ace450 x28: 0000000000000000 x27: 1ffffff810d59ca4\n x26: ffffff801d05f7c0 x25: 0000000000000000 x24: 000000004000001e\n x23: ffffff8009ce4926 x22: ffffff801f9c0800 x21: ffffff801d05f7f0\n x20: ffffff8034a19f40 x19: 0000000000000000 x18: ffffff801f9c0958\n x17: ffffff800bc0a504 x16: dfffffc000000000 x15: ffffffc086ace4f8\n x14: ffffff801d05f83c x13: 0000000000000000 x12: ffffffb003a0bf03\n x11: 0000000000000000 x10: ffffffb003a0bf02 x9 : ffffff8034a19f40\n x8 : ffffff801d05f818 x7 : 1ffffff0069433dc x6 : ffffff8034a19ee0\n x5 : ffffff801d05f7f0 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000008\n Call trace:\n ath12k_mac_op_tx+0x6cc/0x29b8 [ath12k] (P)\n ieee80211_handle_wake_tx_queue+0x16c/0x260\n ieee80211_queue_skb+0xeec/0x1d20\n ieee80211_tx+0x200/0x2c8\n ieee80211_xmit+0x22c/0x338\n __ieee80211_subif_start_xmit+0x7e8/0xc60\n ieee80211_subif_start_xmit+0xc4/0xee0\n __ieee80211_subif_start_xmit_8023.isra.0+0x854/0x17a0\n ieee80211_subif_start_xmit_8023+0x124/0x488\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n br_dev_queue_push_xmit+0x120/0x4a8\n __br_forward+0xe4/0x2b0\n deliver_clone+0x5c/0xd0\n br_flood+0x398/0x580\n br_dev_xmit+0x454/0x9f8\n dev_hard_start_xmit+0x160/0x5a8\n __dev_queue_xmit+0x6f8/0x3120\n ip6_finish_output2+0xc28/0x1b60\n __ip6_finish_output+0x38c/0x638\n ip6_output+0x1b4/0x338\n ip6_local_out+0x7c/0xa8\n ip6_send_skb+0x7c/0x1b0\n ip6_push_pending_frames+0x94/0xd0\n rawv6_sendmsg+0x1a98/0x2898\n inet_sendmsg+0x94/0xe0\n __sys_sendto+0x1e4/0x308\n __arm64_sys_sendto+0xc4/0x140\n do_el0_svc+0x110/0x280\n el0_svc+0x20/0x60\n el0t_64_sync_handler+0x104/0x138\n el0t_64_sync+0x154/0x158\n\nTo avoid that, empty vif\u0027s txq at ieee80211_do_stop() so no packet could\nbe dequeued after ieee80211_do_stop() (new packets cannot be queued\nbecause SDATA_STATE_RUNNING is cleared at this point).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37794",
"url": "https://www.suse.com/security/cve/CVE-2025-37794"
},
{
"category": "external",
"summary": "SUSE Bug 1242566 for CVE-2025-37794",
"url": "https://bugzilla.suse.com/1242566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37794"
},
{
"cve": "CVE-2025-37796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: at76c50x: fix use after free access in at76_disconnect\n\nThe memory pointed to by priv is freed at the end of at76_delete_device\nfunction (using ieee80211_free_hw). But the code then accesses the udev\nfield of the freed object to put the USB device. This may also lead to a\nmemory leak of the usb device. Fix this by using udev from interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37796",
"url": "https://www.suse.com/security/cve/CVE-2025-37796"
},
{
"category": "external",
"summary": "SUSE Bug 1242727 for CVE-2025-37796",
"url": "https://bugzilla.suse.com/1242727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37796"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential NULL pointer dereference in dev_uevent()\n\nIf userspace reads \"uevent\" device attribute at the same time as another\nthreads unbinds the device from its driver, change to dev-\u003edriver from a\nvalid pointer to NULL may result in crash. Fix this by using READ_ONCE()\nwhen fetching the pointer, and take bus\u0027 drivers klist lock to make sure\ndriver instance will not disappear while we access it.\n\nUse WRITE_ONCE() when setting the driver pointer to ensure there is no\ntearing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37800",
"url": "https://www.suse.com/security/cve/CVE-2025-37800"
},
{
"category": "external",
"summary": "SUSE Bug 1242849 for CVE-2025-37800",
"url": "https://bugzilla.suse.com/1242849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37800"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsound/virtio: Fix cancel_sync warnings on uninitialized work_structs\n\nBetty reported hitting the following warning:\n\n[ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182\n...\n[ 8.713282][ T221] Call trace:\n[ 8.713365][ T221] __flush_work+0x8d0/0x914\n[ 8.713468][ T221] __cancel_work_sync+0xac/0xfc\n[ 8.713570][ T221] cancel_work_sync+0x24/0x34\n[ 8.713667][ T221] virtsnd_remove+0xa8/0xf8 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.713868][ T221] virtsnd_probe+0x48c/0x664 [virtio_snd ab15f34d0dd772f6d11327e08a81d46dc9c36276]\n[ 8.714035][ T221] virtio_dev_probe+0x28c/0x390\n[ 8.714139][ T221] really_probe+0x1bc/0x4c8\n...\n\nIt seems we\u0027re hitting the error path in virtsnd_probe(), which\ntriggers a virtsnd_remove() which iterates over the substreams\ncalling cancel_work_sync() on the elapsed_period work_struct.\n\nLooking at the code, from earlier in:\nvirtsnd_probe()-\u003evirtsnd_build_devs()-\u003evirtsnd_pcm_parse_cfg()\n\nWe set snd-\u003ensubstreams, allocate the snd-\u003esubstreams, and if\nwe then hit an error on the info allocation or something in\nvirtsnd_ctl_query_info() fails, we will exit without having\ninitialized the elapsed_period work_struct.\n\nWhen that error path unwinds we then call virtsnd_remove()\nwhich as long as the substreams array is allocated, will iterate\nthrough calling cancel_work_sync() on the uninitialized work\nstruct hitting this warning.\n\nTakashi Iwai suggested this fix, which initializes the substreams\nstructure right after allocation, so that if we hit the error\npaths we avoid trying to cleanup uninitialized data.\n\nNote: I have not yet managed to reproduce the issue myself, so\nthis patch has had limited testing.\n\nFeedback or thoughts would be appreciated!",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37805",
"url": "https://www.suse.com/security/cve/CVE-2025-37805"
},
{
"category": "external",
"summary": "SUSE Bug 1242930 for CVE-2025-37805",
"url": "https://bugzilla.suse.com/1242930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37805"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy\u0027ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37810",
"url": "https://www.suse.com/security/cve/CVE-2025-37810"
},
{
"category": "external",
"summary": "SUSE Bug 1242906 for CVE-2025-37810",
"url": "https://bugzilla.suse.com/1242906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37810"
},
{
"cve": "CVE-2025-37812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: Fix deadlock when using NCM gadget\n\nThe cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit\n58f2fcb3a845 (\"usb: cdnsp: Fix deadlock issue during using NCM gadget\").\n\nUnder PREEMPT_RT the deadlock can be readily triggered by heavy network\ntraffic, for example using \"iperf --bidir\" over NCM ethernet link.\n\nThe deadlock occurs because the threaded interrupt handler gets\npreempted by a softirq, but both are protected by the same spinlock.\nPrevent deadlock by disabling softirq during threaded irq handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37812",
"url": "https://www.suse.com/security/cve/CVE-2025-37812"
},
{
"category": "external",
"summary": "SUSE Bug 1242908 for CVE-2025-37812",
"url": "https://bugzilla.suse.com/1242908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37812"
},
{
"cve": "CVE-2025-37815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration\n\nResolve kernel panic while accessing IRQ handler associated with the\ngenerated IRQ. This is done by acquiring the spinlock and storing the\ncurrent interrupt state before handling the interrupt request using\ngeneric_handle_irq.\n\nA previous fix patch was submitted where \u0027generic_handle_irq\u0027 was\nreplaced with \u0027handle_nested_irq\u0027. However, this change also causes\nthe kernel panic where after determining which GPIO triggered the\ninterrupt and attempting to call handle_nested_irq with the mapped\nIRQ number, leads to a failure in locating the registered handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37815",
"url": "https://www.suse.com/security/cve/CVE-2025-37815"
},
{
"category": "external",
"summary": "SUSE Bug 1242871 for CVE-2025-37815",
"url": "https://bugzilla.suse.com/1242871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37815"
},
{
"cve": "CVE-2025-37819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()\n\nWith ACPI in place, gicv2m_get_fwnode() is registered with the pci\nsubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtime\nduring a PCI host bridge probe. But, the call back is wrongly marked as\n__init, causing it to be freed, while being registered with the PCI\nsubsystem and could trigger:\n\n Unable to handle kernel paging request at virtual address ffff8000816c0400\n gicv2m_get_fwnode+0x0/0x58 (P)\n pci_set_bus_msi_domain+0x74/0x88\n pci_register_host_bridge+0x194/0x548\n\nThis is easily reproducible on a Juno board with ACPI boot.\n\nRetain the function for later use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37819",
"url": "https://www.suse.com/security/cve/CVE-2025-37819"
},
{
"category": "external",
"summary": "SUSE Bug 1242873 for CVE-2025-37819",
"url": "https://bugzilla.suse.com/1242873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37819"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix reference leak in pci_register_host_bridge()\n\nIf device_register() fails, call put_device() to give up the reference to\navoid a memory leak, per the comment at device_register().\n\nFound by code review.\n\n[bhelgaas: squash Dan Carpenter\u0027s double free fix from\nhttps://lore.kernel.org/r/db806a6c-a91b-4e5a-a84b-6b7e01bdac85@stanley.mountain]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37836",
"url": "https://www.suse.com/security/cve/CVE-2025-37836"
},
{
"category": "external",
"summary": "SUSE Bug 1242957 for CVE-2025-37836",
"url": "https://bugzilla.suse.com/1242957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37836"
},
{
"cve": "CVE-2025-37839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb-\u003es_sequence check\n\nJournal emptiness is not determined by sb-\u003es_sequence == 0 but rather by\nsb-\u003es_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37839",
"url": "https://www.suse.com/security/cve/CVE-2025-37839"
},
{
"category": "external",
"summary": "SUSE Bug 1242990 for CVE-2025-37839",
"url": "https://bugzilla.suse.com/1242990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37839"
},
{
"cve": "CVE-2025-37840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: fix PM resume warning\n\nFixed warning on PM resume as shown below caused due to uninitialized\nstruct nand_operation that checks chip select field :\nWARN_ON(op-\u003ecs \u003e= nanddev_ntargets(\u0026chip-\u003ebase)\n\n[ 14.588522] ------------[ cut here ]------------\n[ 14.588529] WARNING: CPU: 0 PID: 1392 at drivers/mtd/nand/raw/internals.h:139 nand_reset_op+0x1e0/0x1f8\n[ 14.588553] Modules linked in: bdc udc_core\n[ 14.588579] CPU: 0 UID: 0 PID: 1392 Comm: rtcwake Tainted: G W 6.14.0-rc4-g5394eea10651 #16\n[ 14.588590] Tainted: [W]=WARN\n[ 14.588593] Hardware name: Broadcom STB (Flattened Device Tree)\n[ 14.588598] Call trace:\n[ 14.588604] dump_backtrace from show_stack+0x18/0x1c\n[ 14.588622] r7:00000009 r6:0000008b r5:60000153 r4:c0fa558c\n[ 14.588625] show_stack from dump_stack_lvl+0x70/0x7c\n[ 14.588639] dump_stack_lvl from dump_stack+0x18/0x1c\n[ 14.588653] r5:c08d40b0 r4:c1003cb0\n[ 14.588656] dump_stack from __warn+0x84/0xe4\n[ 14.588668] __warn from warn_slowpath_fmt+0x18c/0x194\n[ 14.588678] r7:c08d40b0 r6:c1003cb0 r5:00000000 r4:00000000\n[ 14.588681] warn_slowpath_fmt from nand_reset_op+0x1e0/0x1f8\n[ 14.588695] r8:70c40dff r7:89705f41 r6:36b4a597 r5:c26c9444 r4:c26b0048\n[ 14.588697] nand_reset_op from brcmnand_resume+0x13c/0x150\n[ 14.588714] r9:00000000 r8:00000000 r7:c24f8010 r6:c228a3f8 r5:c26c94bc r4:c26b0040\n[ 14.588717] brcmnand_resume from platform_pm_resume+0x34/0x54\n[ 14.588735] r5:00000010 r4:c0840a50\n[ 14.588738] platform_pm_resume from dpm_run_callback+0x5c/0x14c\n[ 14.588757] dpm_run_callback from device_resume+0xc0/0x324\n[ 14.588776] r9:c24f8054 r8:c24f80a0 r7:00000000 r6:00000000 r5:00000010 r4:c24f8010\n[ 14.588779] device_resume from dpm_resume+0x130/0x160\n[ 14.588799] r9:c22539e4 r8:00000010 r7:c22bebb0 r6:c24f8010 r5:c22539dc r4:c22539b0\n[ 14.588802] dpm_resume from dpm_resume_end+0x14/0x20\n[ 14.588822] r10:c2204e40 r9:00000000 r8:c228a3fc r7:00000000 r6:00000003 r5:c228a414\n[ 14.588826] r4:00000010\n[ 14.588828] dpm_resume_end from suspend_devices_and_enter+0x274/0x6f8\n[ 14.588848] r5:c228a414 r4:00000000\n[ 14.588851] suspend_devices_and_enter from pm_suspend+0x228/0x2bc\n[ 14.588868] r10:c3502910 r9:c3501f40 r8:00000004 r7:c228a438 r6:c0f95e18 r5:00000000\n[ 14.588871] r4:00000003\n[ 14.588874] pm_suspend from state_store+0x74/0xd0\n[ 14.588889] r7:c228a438 r6:c0f934c8 r5:00000003 r4:00000003\n[ 14.588892] state_store from kobj_attr_store+0x1c/0x28\n[ 14.588913] r9:00000000 r8:00000000 r7:f09f9f08 r6:00000004 r5:c3502900 r4:c0283250\n[ 14.588916] kobj_attr_store from sysfs_kf_write+0x40/0x4c\n[ 14.588936] r5:c3502900 r4:c0d92a48\n[ 14.588939] sysfs_kf_write from kernfs_fop_write_iter+0x104/0x1f0\n[ 14.588956] r5:c3502900 r4:c3501f40\n[ 14.588960] kernfs_fop_write_iter from vfs_write+0x250/0x420\n[ 14.588980] r10:c0e14b48 r9:00000000 r8:c25f5780 r7:00443398 r6:f09f9f68 r5:c34f7f00\n[ 14.588983] r4:c042a88c\n[ 14.588987] vfs_write from ksys_write+0x74/0xe4\n[ 14.589005] r10:00000004 r9:c25f5780 r8:c02002fA0 r7:00000000 r6:00000000 r5:c34f7f00\n[ 14.589008] r4:c34f7f00\n[ 14.589011] ksys_write from sys_write+0x10/0x14\n[ 14.589029] r7:00000004 r6:004421c0 r5:00443398 r4:00000004\n[ 14.589032] sys_write from ret_fast_syscall+0x0/0x5c\n[ 14.589044] Exception stack(0xf09f9fa8 to 0xf09f9ff0)\n[ 14.589050] 9fa0: 00000004 00443398 00000004 00443398 00000004 00000001\n[ 14.589056] 9fc0: 00000004 00443398 004421c0 00000004 b6ecbd58 00000008 bebfbc38 0043eb78\n[ 14.589062] 9fe0: 00440eb0 bebfbaf8 b6de18a0 b6e579e8\n[ 14.589065] ---[ end trace 0000000000000000 ]---\n\nThe fix uses the higher level nand_reset(chip, chipnr); where chipnr = 0, when\ndoing PM resume operation in compliance with the controller support for single\ndie nand chip. Switching from nand_reset_op() to nan\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37840",
"url": "https://www.suse.com/security/cve/CVE-2025-37840"
},
{
"category": "external",
"summary": "SUSE Bug 1242953 for CVE-2025-37840",
"url": "https://bugzilla.suse.com/1242953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37840"
},
{
"cve": "CVE-2025-37841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npm: cpupower: bench: Prevent NULL dereference on malloc failure\n\nIf malloc returns NULL due to low memory, \u0027config\u0027 pointer can be NULL.\nAdd a check to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37841",
"url": "https://www.suse.com/security/cve/CVE-2025-37841"
},
{
"category": "external",
"summary": "SUSE Bug 1242974 for CVE-2025-37841",
"url": "https://bugzilla.suse.com/1242974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37841"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37849",
"url": "https://www.suse.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "SUSE Bug 1243000 for CVE-2025-37849",
"url": "https://bugzilla.suse.com/1243000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37849"
},
{
"cve": "CVE-2025-37850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()\n\nWith CONFIG_COMPILE_TEST \u0026\u0026 !CONFIG_HAVE_CLK, pwm_mediatek_config() has a\ndivide-by-zero in the following line:\n\n\tdo_div(resolution, clk_get_rate(pc-\u003eclk_pwms[pwm-\u003ehwpwm]));\n\ndue to the fact that the !CONFIG_HAVE_CLK version of clk_get_rate()\nreturns zero.\n\nThis is presumably just a theoretical problem: COMPILE_TEST overrides\nthe dependency on RALINK which would select COMMON_CLK. Regardless it\u0027s\na good idea to check for the error explicitly to avoid divide-by-zero.\n\nFixes the following warning:\n\n drivers/pwm/pwm-mediatek.o: warning: objtool: .text: unexpected end of section\n\n[ukleinek: s/CONFIG_CLK/CONFIG_HAVE_CLK/]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37850",
"url": "https://www.suse.com/security/cve/CVE-2025-37850"
},
{
"category": "external",
"summary": "SUSE Bug 1242955 for CVE-2025-37850",
"url": "https://bugzilla.suse.com/1242955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37850"
},
{
"cve": "CVE-2025-37851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: Add \u0027plane\u0027 value check\n\nFunction dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB\nof the enum parameter plane.\n\nThe value of this parameter is initialized in dss_init_overlays and in the\ncurrent state of the code it cannot take this value so it\u0027s not a real\nproblem.\n\nFor the purposes of defensive coding it wouldn\u0027t be superfluous to check\nthe parameter value, because some functions down the call stack process\nthis value correctly and some not.\n\nFor example, in dispc_ovl_setup_global_alpha it may lead to buffer\noverflow.\n\nAdd check for this value.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37851",
"url": "https://www.suse.com/security/cve/CVE-2025-37851"
},
{
"category": "external",
"summary": "SUSE Bug 1242977 for CVE-2025-37851",
"url": "https://bugzilla.suse.com/1242977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37851"
},
{
"cve": "CVE-2025-37852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()\n\nAdd error handling to propagate amdgpu_cgs_create_device() failures\nto the caller. When amdgpu_cgs_create_device() fails, release hwmgr\nand return -ENOMEM to prevent null pointer dereference.\n\n[v1]-\u003e[v2]: Change error code from -EINVAL to -ENOMEM. Free hwmgr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37852",
"url": "https://www.suse.com/security/cve/CVE-2025-37852"
},
{
"category": "external",
"summary": "SUSE Bug 1243074 for CVE-2025-37852",
"url": "https://bugzilla.suse.com/1243074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37852"
},
{
"cve": "CVE-2025-37853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: debugfs hang_hws skip GPU with MES\n\ndebugfs hang_hws is used by GPU reset test with HWS, for MES this crash\nthe kernel with NULL pointer access because dqm-\u003epacket_mgr is not setup\nfor MES path.\n\nSkip GPU with MES for now, MES hang_hws debugfs interface will be\nsupported later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37853",
"url": "https://www.suse.com/security/cve/CVE-2025-37853"
},
{
"category": "external",
"summary": "SUSE Bug 1243076 for CVE-2025-37853",
"url": "https://bugzilla.suse.com/1243076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37853"
},
{
"cve": "CVE-2025-37854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix mode1 reset crash issue\n\nIf HW scheduler hangs and mode1 reset is used to recover GPU, KFD signal\nuser space to abort the processes. After process abort exit, user queues\nstill use the GPU to access system memory before h/w is reset while KFD\ncleanup worker free system memory and free VRAM.\n\nThere is use-after-free race bug that KFD allocate and reuse the freed\nsystem memory, and user queue write to the same system memory to corrupt\nthe data structure and cause driver crash.\n\nTo fix this race, KFD cleanup worker terminate user queues, then flush\nreset_domain wq to wait for any GPU ongoing reset complete, and then\nfree outstanding BOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37854",
"url": "https://www.suse.com/security/cve/CVE-2025-37854"
},
{
"category": "external",
"summary": "SUSE Bug 1243082 for CVE-2025-37854",
"url": "https://bugzilla.suse.com/1243082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37854"
},
{
"cve": "CVE-2025-37858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Prevent integer overflow in AG size calculation\n\nThe JFS filesystem calculates allocation group (AG) size using 1 \u003c\u003c\nl2agsize in dbExtendFS(). When l2agsize exceeds 31 (possible with \u003e2TB\naggregates on 32-bit systems), this 32-bit shift operation causes undefined\nbehavior and improper AG sizing.\n\nOn 32-bit architectures:\n- Left-shifting 1 by 32+ bits results in 0 due to integer overflow\n- This creates invalid AG sizes (0 or garbage values) in\nsbi-\u003ebmap-\u003edb_agsize\n- Subsequent block allocations would reference invalid AG structures\n- Could lead to:\n - Filesystem corruption during extend operations\n - Kernel crashes due to invalid memory accesses\n - Security vulnerabilities via malformed on-disk structures\n\nFix by casting to s64 before shifting:\nbmp-\u003edb_agsize = (s64)1 \u003c\u003c l2agsize;\n\nThis ensures 64-bit arithmetic even on 32-bit architectures. The cast\nmatches the data type of db_agsize (s64) and follows similar patterns in\nJFS block calculation code.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37858",
"url": "https://www.suse.com/security/cve/CVE-2025-37858"
},
{
"category": "external",
"summary": "SUSE Bug 1243049 for CVE-2025-37858",
"url": "https://bugzilla.suse.com/1243049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37858"
},
{
"cve": "CVE-2025-37867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Silence oversized kvmalloc() warning\n\nsyzkaller triggered an oversized kvmalloc() warning.\nSilence it by adding __GFP_NOWARN.\n\nsyzkaller log:\n WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180\n CPU: 7 UID: 0 PID: 518 Comm: c_repro Not tainted 6.11.0-rc6+ #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__kvmalloc_node_noprof+0x175/0x180\n RSP: 0018:ffffc90001e67c10 EFLAGS: 00010246\n RAX: 0000000000000100 RBX: 0000000000000400 RCX: ffffffff8149d46b\n RDX: 0000000000000000 RSI: ffff8881030fae80 RDI: 0000000000000002\n RBP: 000000712c800000 R08: 0000000000000100 R09: 0000000000000000\n R10: ffffc90001e67c10 R11: 0030ae0601000000 R12: 0000000000000000\n R13: 0000000000000000 R14: 00000000ffffffff R15: 0000000000000000\n FS: 00007fde79159740(0000) GS:ffff88813bdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000180 CR3: 0000000105eb4005 CR4: 00000000003706b0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ib_umem_odp_get+0x1f6/0x390\n mlx5_ib_reg_user_mr+0x1e8/0x450\n ib_uverbs_reg_mr+0x28b/0x440\n ib_uverbs_write+0x7d3/0xa30\n vfs_write+0x1ac/0x6c0\n ksys_write+0x134/0x170\n ? __sanitizer_cov_trace_pc+0x1c/0x50\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37867",
"url": "https://www.suse.com/security/cve/CVE-2025-37867"
},
{
"category": "external",
"summary": "SUSE Bug 1242948 for CVE-2025-37867",
"url": "https://bugzilla.suse.com/1242948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37867"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: decrease sc_count directly if fail to queue dl_recall\n\nA deadlock warning occurred when invoking nfs4_put_stid following a failed\ndl_recall queue operation:\n T1 T2\n nfs4_laundromat\n nfs4_get_client_reaplist\n nfs4_anylock_blockers\n__break_lease\n spin_lock // ctx-\u003eflc_lock\n spin_lock // clp-\u003ecl_lock\n nfs4_lockowner_has_blockers\n locks_owner_has_blockers\n spin_lock // flctx-\u003eflc_lock\n nfsd_break_deleg_cb\n nfsd_break_one_deleg\n nfs4_put_stid\n refcount_dec_and_lock\n spin_lock // clp-\u003ecl_lock\n\nWhen a file is opened, an nfs4_delegation is allocated with sc_count\ninitialized to 1, and the file_lease holds a reference to the delegation.\nThe file_lease is then associated with the file through kernel_setlease.\n\nThe disassociation is performed in nfsd4_delegreturn via the following\ncall chain:\nnfsd4_delegreturn --\u003e destroy_delegation --\u003e destroy_unhashed_deleg --\u003e\nnfs4_unlock_deleg_lease --\u003e kernel_setlease --\u003e generic_delete_lease\nThe corresponding sc_count reference will be released after this\ndisassociation.\n\nSince nfsd_break_one_deleg executes while holding the flc_lock, the\ndisassociation process becomes blocked when attempting to acquire flc_lock\nin generic_delete_lease. This means:\n1) sc_count in nfsd_break_one_deleg will not be decremented to 0;\n2) The nfs4_put_stid called by nfsd_break_one_deleg will not attempt to\nacquire cl_lock;\n3) Consequently, no deadlock condition is created.\n\nGiven that sc_count in nfsd_break_one_deleg remains non-zero, we can\nsafely perform refcount_dec on sc_count directly. This approach\neffectively avoids triggering deadlock warnings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37871",
"url": "https://www.suse.com/security/cve/CVE-2025-37871"
},
{
"category": "external",
"summary": "SUSE Bug 1242949 for CVE-2025-37871",
"url": "https://bugzilla.suse.com/1242949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37871"
},
{
"cve": "CVE-2025-37873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix missing ring index trim on error path\n\nCommit under Fixes converted tx_prod to be free running but missed\nmasking it on the Tx error path. This crashes on error conditions,\nfor example when DMA mapping fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37873",
"url": "https://www.suse.com/security/cve/CVE-2025-37873"
},
{
"category": "external",
"summary": "SUSE Bug 1242961 for CVE-2025-37873",
"url": "https://bugzilla.suse.com/1242961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37873"
},
{
"cve": "CVE-2025-37875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: fix PTM cycle trigger logic\n\nWriting to clear the PTM status \u0027valid\u0027 bit while the PTM cycle is\ntriggered results in unreliable PTM operation. To fix this, clear the\nPTM \u0027trigger\u0027 and status after each PTM transaction.\n\nThe issue can be reproduced with the following:\n\n$ sudo phc2sys -R 1000 -O 0 -i tsn0 -m\n\nNote: 1000 Hz (-R 1000) is unrealistically large, but provides a way to\nquickly reproduce the issue.\n\nPHC2SYS exits with:\n\n\"ioctl PTP_OFFSET_PRECISE: Connection timed out\" when the PTM transaction\n fails\n\nThis patch also fixes a hang in igc_probe() when loading the igc\ndriver in the kdump kernel on systems supporting PTM.\n\nThe igc driver running in the base kernel enables PTM trigger in\nigc_probe(). Therefore the driver is always in PTM trigger mode,\nexcept in brief periods when manually triggering a PTM cycle.\n\nWhen a crash occurs, the NIC is reset while PTM trigger is enabled.\nDue to a hardware problem, the NIC is subsequently in a bad busmaster\nstate and doesn\u0027t handle register reads/writes. When running\nigc_probe() in the kdump kernel, the first register access to a NIC\nregister hangs driver probing and ultimately breaks kdump.\n\nWith this patch, igc has PTM trigger disabled most of the time,\nand the trigger is only enabled for very brief (10 - 100 us) periods\nwhen manually triggering a PTM cycle. Chances that a crash occurs\nduring a PTM trigger are not 0, but extremely reduced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37875",
"url": "https://www.suse.com/security/cve/CVE-2025-37875"
},
{
"category": "external",
"summary": "SUSE Bug 1242959 for CVE-2025-37875",
"url": "https://bugzilla.suse.com/1242959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37875"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()\n\nThe variable d-\u003ename, returned by devm_kasprintf(), could be NULL.\nA pointer check is added to prevent potential NULL pointer dereference.\nThis is similar to the fix in commit 3027e7b15b02\n(\"ice: Fix some null pointer dereference issues in ice_ptp.c\").\n\nThis issue is found by our static analysis tool",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37881",
"url": "https://www.suse.com/security/cve/CVE-2025-37881"
},
{
"category": "external",
"summary": "SUSE Bug 1242973 for CVE-2025-37881",
"url": "https://bugzilla.suse.com/1242973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37881"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37889",
"url": "https://www.suse.com/security/cve/CVE-2025-37889"
},
{
"category": "external",
"summary": "SUSE Bug 1242945 for CVE-2025-37889",
"url": "https://bugzilla.suse.com/1242945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37889"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "important"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ump: Fix buffer overflow at UMP SysEx message conversion\n\nThe conversion function from MIDI 1.0 to UMP packet contains an\ninternal buffer to keep the incoming MIDI bytes, and its size is 4, as\nit was supposed to be the max size for a MIDI1 UMP packet data.\nHowever, the implementation overlooked that SysEx is handled in a\ndifferent format, and it can be up to 6 bytes, as found in\ndo_convert_to_ump(). It leads eventually to a buffer overflow, and\nmay corrupt the memory when a longer SysEx message is received.\n\nThe fix is simply to extend the buffer size to 6 to fit with the SysEx\nUMP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37891",
"url": "https://www.suse.com/security/cve/CVE-2025-37891"
},
{
"category": "external",
"summary": "SUSE Bug 1243589 for CVE-2025-37891",
"url": "https://bugzilla.suse.com/1243589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37891"
},
{
"cve": "CVE-2025-37892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37892",
"url": "https://www.suse.com/security/cve/CVE-2025-37892"
},
{
"category": "external",
"summary": "SUSE Bug 1243536 for CVE-2025-37892",
"url": "https://bugzilla.suse.com/1243536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37892"
},
{
"cve": "CVE-2025-37897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: plfxlc: Remove erroneous assert in plfxlc_mac_release\n\nplfxlc_mac_release() asserts that mac-\u003elock is held. This assertion is\nincorrect, because even if it was possible, it would not be the valid\nbehaviour. The function is used when probe fails or after the device is\ndisconnected. In both cases mac-\u003elock can not be held as the driver is\nnot working with the device at the moment. All functions that use mac-\u003elock\nunlock it just after it was held. There is also no need to hold mac-\u003elock\nfor plfxlc_mac_release() itself, as mac data is not affected, except for\nmac-\u003eflags, which is modified atomically.\n\nThis bug leads to the following warning:\n================================================================\nWARNING: CPU: 0 PID: 127 at drivers/net/wireless/purelifi/plfxlc/mac.c:106 plfxlc_mac_release+0x7d/0xa0\nModules linked in:\nCPU: 0 PID: 127 Comm: kworker/0:2 Not tainted 6.1.124-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:plfxlc_mac_release+0x7d/0xa0 drivers/net/wireless/purelifi/plfxlc/mac.c:106\nCall Trace:\n \u003cTASK\u003e\n probe+0x941/0xbd0 drivers/net/wireless/purelifi/plfxlc/usb.c:694\n usb_probe_interface+0x5c0/0xaf0 drivers/usb/core/driver.c:396\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_set_configuration+0x19dd/0x2020 drivers/usb/core/message.c:2165\n usb_generic_driver_probe+0x84/0x140 drivers/usb/core/generic.c:238\n usb_probe_device+0x130/0x260 drivers/usb/core/driver.c:293\n really_probe+0x2ab/0xcb0 drivers/base/dd.c:639\n __driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:785\n driver_probe_device+0x50/0x420 drivers/base/dd.c:815\n __device_attach_driver+0x2cf/0x510 drivers/base/dd.c:943\n bus_for_each_drv+0x183/0x200 drivers/base/bus.c:429\n __device_attach+0x359/0x570 drivers/base/dd.c:1015\n bus_probe_device+0xba/0x1e0 drivers/base/bus.c:489\n device_add+0xb48/0xfd0 drivers/base/core.c:3696\n usb_new_device+0xbdd/0x18f0 drivers/usb/core/hub.c:2620\n hub_port_connect drivers/usb/core/hub.c:5477 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5617 [inline]\n port_event drivers/usb/core/hub.c:5773 [inline]\n hub_event+0x2efe/0x5730 drivers/usb/core/hub.c:5855\n process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292\n worker_thread+0xa47/0x1200 kernel/workqueue.c:2439\n kthread+0x28d/0x320 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295\n \u003c/TASK\u003e\n================================================================\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37897",
"url": "https://www.suse.com/security/cve/CVE-2025-37897"
},
{
"category": "external",
"summary": "SUSE Bug 1243534 for CVE-2025-37897",
"url": "https://bugzilla.suse.com/1243534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "low"
}
],
"title": "CVE-2025-37897"
},
{
"cve": "CVE-2025-37900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Fix two issues in iommu_copy_struct_from_user()\n\nIn the review for iommu_copy_struct_to_user() helper, Matt pointed out that\na NULL pointer should be rejected prior to dereferencing it:\nhttps://lore.kernel.org/all/86881827-8E2D-461C-BDA3-FA8FD14C343C@nvidia.com\n\nAnd Alok pointed out a typo at the same time:\nhttps://lore.kernel.org/all/480536af-6830-43ce-a327-adbd13dc3f1d@oracle.com\n\nSince both issues were copied from iommu_copy_struct_from_user(), fix them\nfirst in the current header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37900",
"url": "https://www.suse.com/security/cve/CVE-2025-37900"
},
{
"category": "external",
"summary": "SUSE Bug 1243560 for CVE-2025-37900",
"url": "https://bugzilla.suse.com/1243560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37900"
},
{
"cve": "CVE-2025-37901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs\n\nOn Qualcomm chipsets not all GPIOs are wakeup capable. Those GPIOs do not\nhave a corresponding MPM pin and should not be handled inside the MPM\ndriver. The IRQ domain hierarchy is always applied, so it\u0027s required to\nexplicitly disconnect the hierarchy for those. The pinctrl-msm driver marks\nthese with GPIO_NO_WAKE_IRQ. qcom-pdc has a check for this, but\nirq-qcom-mpm is currently missing the check. This is causing crashes when\nsetting up interrupts for non-wake GPIOs:\n\n root@rb1:~# gpiomon -c gpiochip1 10\n irq: IRQ159: trimming hierarchy from :soc@0:interrupt-controller@f200000-1\n Unable to handle kernel paging request at virtual address ffff8000a1dc3820\n Hardware name: Qualcomm Technologies, Inc. Robotics RB1 (DT)\n pc : mpm_set_type+0x80/0xcc\n lr : mpm_set_type+0x5c/0xcc\n Call trace:\n mpm_set_type+0x80/0xcc (P)\n qcom_mpm_set_type+0x64/0x158\n irq_chip_set_type_parent+0x20/0x38\n msm_gpio_irq_set_type+0x50/0x530\n __irq_set_trigger+0x60/0x184\n __setup_irq+0x304/0x6bc\n request_threaded_irq+0xc8/0x19c\n edge_detector_setup+0x260/0x364\n linereq_create+0x420/0x5a8\n gpio_ioctl+0x2d4/0x6c0\n\nFix this by copying the check for GPIO_NO_WAKE_IRQ from qcom-pdc.c, so that\nMPM is removed entirely from the hierarchy for non-wake GPIOs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37901",
"url": "https://www.suse.com/security/cve/CVE-2025-37901"
},
{
"category": "external",
"summary": "SUSE Bug 1243559 for CVE-2025-37901",
"url": "https://bugzilla.suse.com/1243559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37901"
},
{
"cve": "CVE-2025-37903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free in hdcp\n\nThe HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector\nobjects without incrementing the kref reference counts. When using a\nUSB-C dock, and the dock is unplugged, the corresponding\namdgpu_dm_connector objects are freed, creating dangling pointers in the\nHDCP code. When the dock is plugged back, the dangling pointers are\ndereferenced, resulting in a slab-use-after-free:\n\n[ 66.775837] BUG: KASAN: slab-use-after-free in event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776171] Read of size 4 at addr ffff888127804120 by task kworker/0:1/10\n\n[ 66.776179] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.14.0-rc7-00180-g54505f727a38-dirty #233\n[ 66.776183] Hardware name: HP HP Pavilion Aero Laptop 13-be0xxx/8916, BIOS F.17 12/18/2024\n[ 66.776186] Workqueue: events event_property_validate [amdgpu]\n[ 66.776494] Call Trace:\n[ 66.776496] \u003cTASK\u003e\n[ 66.776497] dump_stack_lvl+0x70/0xa0\n[ 66.776504] print_report+0x175/0x555\n[ 66.776507] ? __virt_addr_valid+0x243/0x450\n[ 66.776510] ? kasan_complete_mode_report_info+0x66/0x1c0\n[ 66.776515] kasan_report+0xeb/0x1c0\n[ 66.776518] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.776819] ? event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777121] __asan_report_load4_noabort+0x14/0x20\n[ 66.777124] event_property_validate+0x42f/0x6c0 [amdgpu]\n[ 66.777342] ? __lock_acquire+0x6b40/0x6b40\n[ 66.777347] ? enable_assr+0x250/0x250 [amdgpu]\n[ 66.777571] process_one_work+0x86b/0x1510\n[ 66.777575] ? pwq_dec_nr_in_flight+0xcf0/0xcf0\n[ 66.777578] ? assign_work+0x16b/0x280\n[ 66.777580] ? lock_is_held_type+0xa3/0x130\n[ 66.777583] worker_thread+0x5c0/0xfa0\n[ 66.777587] ? process_one_work+0x1510/0x1510\n[ 66.777588] kthread+0x3a2/0x840\n[ 66.777591] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777594] ? trace_hardirqs_on+0x4f/0x60\n[ 66.777597] ? _raw_spin_unlock_irq+0x27/0x60\n[ 66.777599] ? calculate_sigpending+0x77/0xa0\n[ 66.777602] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777605] ret_from_fork+0x40/0x90\n[ 66.777607] ? kthread_is_per_cpu+0xd0/0xd0\n[ 66.777609] ret_from_fork_asm+0x11/0x20\n[ 66.777614] \u003c/TASK\u003e\n\n[ 66.777643] Allocated by task 10:\n[ 66.777646] kasan_save_stack+0x39/0x60\n[ 66.777649] kasan_save_track+0x14/0x40\n[ 66.777652] kasan_save_alloc_info+0x37/0x50\n[ 66.777655] __kasan_kmalloc+0xbb/0xc0\n[ 66.777658] __kmalloc_cache_noprof+0x1c8/0x4b0\n[ 66.777661] dm_dp_add_mst_connector+0xdd/0x5c0 [amdgpu]\n[ 66.777880] drm_dp_mst_port_add_connector+0x47e/0x770 [drm_display_helper]\n[ 66.777892] drm_dp_send_link_address+0x1554/0x2bf0 [drm_display_helper]\n[ 66.777901] drm_dp_check_and_send_link_address+0x187/0x1f0 [drm_display_helper]\n[ 66.777909] drm_dp_mst_link_probe_work+0x2b8/0x410 [drm_display_helper]\n[ 66.777917] process_one_work+0x86b/0x1510\n[ 66.777919] worker_thread+0x5c0/0xfa0\n[ 66.777922] kthread+0x3a2/0x840\n[ 66.777925] ret_from_fork+0x40/0x90\n[ 66.777927] ret_from_fork_asm+0x11/0x20\n\n[ 66.777932] Freed by task 1713:\n[ 66.777935] kasan_save_stack+0x39/0x60\n[ 66.777938] kasan_save_track+0x14/0x40\n[ 66.777940] kasan_save_free_info+0x3b/0x60\n[ 66.777944] __kasan_slab_free+0x52/0x70\n[ 66.777946] kfree+0x13f/0x4b0\n[ 66.777949] dm_dp_mst_connector_destroy+0xfa/0x150 [amdgpu]\n[ 66.778179] drm_connector_free+0x7d/0xb0\n[ 66.778184] drm_mode_object_put.part.0+0xee/0x160\n[ 66.778188] drm_mode_object_put+0x37/0x50\n[ 66.778191] drm_atomic_state_default_clear+0x220/0xd60\n[ 66.778194] __drm_atomic_state_free+0x16e/0x2a0\n[ 66.778197] drm_mode_atomic_ioctl+0x15ed/0x2ba0\n[ 66.778200] drm_ioctl_kernel+0x17a/0x310\n[ 66.778203] drm_ioctl+0x584/0xd10\n[ 66.778206] amdgpu_drm_ioctl+0xd2/0x1c0 [amdgpu]\n[ 66.778375] __x64_sys_ioctl+0x139/0x1a0\n[ 66.778378] x64_sys_call+0xee7/0xfb0\n[ 66.778381] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37903",
"url": "https://www.suse.com/security/cve/CVE-2025-37903"
},
{
"category": "external",
"summary": "SUSE Bug 1243562 for CVE-2025-37903",
"url": "https://bugzilla.suse.com/1243562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37903"
},
{
"cve": "CVE-2025-37905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Balance device refcount when destroying devices\n\nUsing device_find_child() to lookup the proper SCMI device to destroy\ncauses an unbalance in device refcount, since device_find_child() calls an\nimplicit get_device(): this, in turns, inhibits the call of the provided\nrelease methods upon devices destruction.\n\nAs a consequence, one of the structures that is not freed properly upon\ndestruction is the internal struct device_private dev-\u003ep populated by the\ndrivers subsystem core.\n\nKMemleak detects this situation since loading/unloding some SCMI driver\ncauses related devices to be created/destroyed without calling any\ndevice_release method.\n\nunreferenced object 0xffff00000f583800 (size 512):\n comm \"insmod\", pid 227, jiffies 4294912190\n hex dump (first 32 bytes):\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n ff ff ff ff ff ff ff ff 60 36 1d 8a 00 80 ff ff ........`6......\n backtrace (crc 114e2eed):\n kmemleak_alloc+0xbc/0xd8\n __kmalloc_cache_noprof+0x2dc/0x398\n device_add+0x954/0x12d0\n device_register+0x28/0x40\n __scmi_device_create.part.0+0x1bc/0x380\n scmi_device_create+0x2d0/0x390\n scmi_create_protocol_devices+0x74/0xf8\n scmi_device_request_notifier+0x1f8/0x2a8\n notifier_call_chain+0x110/0x3b0\n blocking_notifier_call_chain+0x70/0xb0\n scmi_driver_register+0x350/0x7f0\n 0xffff80000a3b3038\n do_one_initcall+0x12c/0x730\n do_init_module+0x1dc/0x640\n load_module+0x4b20/0x5b70\n init_module_from_file+0xec/0x158\n\n$ ./scripts/faddr2line ./vmlinux device_add+0x954/0x12d0\ndevice_add+0x954/0x12d0:\nkmalloc_noprof at include/linux/slab.h:901\n(inlined by) kzalloc_noprof at include/linux/slab.h:1037\n(inlined by) device_private_init at drivers/base/core.c:3510\n(inlined by) device_add at drivers/base/core.c:3561\n\nBalance device refcount by issuing a put_device() on devices found via\ndevice_find_child().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37905",
"url": "https://www.suse.com/security/cve/CVE-2025-37905"
},
{
"category": "external",
"summary": "SUSE Bug 1243456 for CVE-2025-37905",
"url": "https://bugzilla.suse.com/1243456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37905"
},
{
"cve": "CVE-2025-37911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix out-of-bound memcpy() during ethtool -w\n\nWhen retrieving the FW coredump using ethtool, it can sometimes cause\nmemory corruption:\n\nBUG: KFENCE: memory corruption in __bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nCorrupted memory at 0x000000008f0f30e8 [ ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ] (in kfence-#45):\n__bnxt_get_coredump+0x3ef/0x670 [bnxt_en]\nethtool_get_dump_data+0xdc/0x1a0\n__dev_ethtool+0xa1e/0x1af0\ndev_ethtool+0xa8/0x170\ndev_ioctl+0x1b5/0x580\nsock_do_ioctl+0xab/0xf0\nsock_ioctl+0x1ce/0x2e0\n__x64_sys_ioctl+0x87/0xc0\ndo_syscall_64+0x5c/0xf0\nentry_SYSCALL_64_after_hwframe+0x78/0x80\n\n...\n\nThis happens when copying the coredump segment list in\nbnxt_hwrm_dbg_dma_data() with the HWRM_DBG_COREDUMP_LIST FW command.\nThe info-\u003edest_buf buffer is allocated based on the number of coredump\nsegments returned by the FW. The segment list is then DMA\u0027ed by\nthe FW and the length of the DMA is returned by FW. The driver then\ncopies this DMA\u0027ed segment list to info-\u003edest_buf.\n\nIn some cases, this DMA length may exceed the info-\u003edest_buf length\nand cause the above BUG condition. Fix it by capping the copy\nlength to not exceed the length of info-\u003edest_buf. The extra\nDMA data contains no useful information.\n\nThis code path is shared for the HWRM_DBG_COREDUMP_LIST and the\nHWRM_DBG_COREDUMP_RETRIEVE FW commands. The buffering is different\nfor these 2 FW commands. To simplify the logic, we need to move\nthe line to adjust the buffer length for HWRM_DBG_COREDUMP_RETRIEVE\nup, so that the new check to cap the copy length will work for both\ncommands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37911",
"url": "https://www.suse.com/security/cve/CVE-2025-37911"
},
{
"category": "external",
"summary": "SUSE Bug 1243469 for CVE-2025-37911",
"url": "https://bugzilla.suse.com/1243469"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37911"
},
{
"cve": "CVE-2025-37912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()\n\nAs mentioned in the commit baeb705fd6a7 (\"ice: always check VF VSI\npointer values\"), we need to perform a null pointer check on the return\nvalue of ice_get_vf_vsi() before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37912",
"url": "https://www.suse.com/security/cve/CVE-2025-37912"
},
{
"category": "external",
"summary": "SUSE Bug 1243470 for CVE-2025-37912",
"url": "https://bugzilla.suse.com/1243470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37912"
},
{
"cve": "CVE-2025-37913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of qfq, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg-\u003eactive\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37913",
"url": "https://www.suse.com/security/cve/CVE-2025-37913"
},
{
"category": "external",
"summary": "SUSE Bug 1243471 for CVE-2025-37913",
"url": "https://bugzilla.suse.com/1243471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37913"
},
{
"cve": "CVE-2025-37914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: ets: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of ets, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether\nthe class was already added to the active_list (cl_is_active) before\ndoing the addition to cater for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37914",
"url": "https://www.suse.com/security/cve/CVE-2025-37914"
},
{
"category": "external",
"summary": "SUSE Bug 1243472 for CVE-2025-37914",
"url": "https://bugzilla.suse.com/1243472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37914"
},
{
"cve": "CVE-2025-37915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc\u0027s enqueue callback reentrant.\nIn the case of drr, there won\u0027t be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37915",
"url": "https://www.suse.com/security/cve/CVE-2025-37915"
},
{
"category": "external",
"summary": "SUSE Bug 1243473 for CVE-2025-37915",
"url": "https://bugzilla.suse.com/1243473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37915"
},
{
"cve": "CVE-2025-37918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()\n\nA NULL pointer dereference can occur in skb_dequeue() when processing a\nQCA firmware crash dump on WCN7851 (0489:e0f3).\n\n[ 93.672166] Bluetooth: hci0: ACL memdump size(589824)\n\n[ 93.672475] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[ 93.672517] Workqueue: hci0 hci_devcd_rx [bluetooth]\n[ 93.672598] RIP: 0010:skb_dequeue+0x50/0x80\n\nThe issue stems from handle_dump_pkt_qca() returning 0 even when a dump\npacket is successfully processed. This is because it incorrectly\nforwards the return value of hci_devcd_init() (which returns 0 on\nsuccess). As a result, the caller (btusb_recv_acl_qca() or\nbtusb_recv_evt_qca()) assumes the packet was not handled and passes it\nto hci_recv_frame(), leading to premature kfree() of the skb.\n\nLater, hci_devcd_rx() attempts to dequeue the same skb from the dump\nqueue, resulting in a NULL pointer dereference.\n\nFix this by:\n1. Making handle_dump_pkt_qca() return 0 on success and negative errno\n on failure, consistent with kernel conventions.\n2. Splitting dump packet detection into separate functions for ACL\n and event packets for better structure and readability.\n\nThis ensures dump packets are properly identified and consumed, avoiding\ndouble handling and preventing NULL pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37918",
"url": "https://www.suse.com/security/cve/CVE-2025-37918"
},
{
"category": "external",
"summary": "SUSE Bug 1243476 for CVE-2025-37918",
"url": "https://bugzilla.suse.com/1243476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37918"
},
{
"cve": "CVE-2025-37925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: reject on-disk inodes of an unsupported type\n\nSyzbot has reported the following BUG:\n\nkernel BUG at fs/inode.c:668!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc4-syzkaller-00085-g4e46774408d9 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\nRIP: 0010:clear_inode+0x168/0x190\nCode: 4c 89 f7 e8 ba fe e5 ff e9 61 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 7c c1 4c 89 f7 e8 90 ff e5 ff eb b7\n 0b e8 01 5d 7f ff 90 0f 0b e8 f9 5c 7f ff 90 0f 0b e8 f1 5c 7f\nRSP: 0018:ffffc900027dfae8 EFLAGS: 00010093\nRAX: ffffffff82157a87 RBX: 0000000000000001 RCX: ffff888104d4b980\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000\nRBP: ffffc900027dfc90 R08: ffffffff82157977 R09: fffff520004fbf38\nR10: dffffc0000000000 R11: fffff520004fbf38 R12: dffffc0000000000\nR13: ffff88811315bc00 R14: ffff88811315bda8 R15: ffff88811315bb80\nFS: 0000000000000000(0000) GS:ffff888135f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005565222e0578 CR3: 0000000026ef0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? __die_body+0x5f/0xb0\n ? die+0x9e/0xc0\n ? do_trap+0x15a/0x3a0\n ? clear_inode+0x168/0x190\n ? do_error_trap+0x1dc/0x2c0\n ? clear_inode+0x168/0x190\n ? __pfx_do_error_trap+0x10/0x10\n ? report_bug+0x3cd/0x500\n ? handle_invalid_op+0x34/0x40\n ? clear_inode+0x168/0x190\n ? exc_invalid_op+0x38/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? clear_inode+0x57/0x190\n ? clear_inode+0x167/0x190\n ? clear_inode+0x168/0x190\n ? clear_inode+0x167/0x190\n jfs_evict_inode+0xb5/0x440\n ? __pfx_jfs_evict_inode+0x10/0x10\n evict+0x4ea/0x9b0\n ? __pfx_evict+0x10/0x10\n ? iput+0x713/0xa50\n txUpdateMap+0x931/0xb10\n ? __pfx_txUpdateMap+0x10/0x10\n jfs_lazycommit+0x49a/0xb80\n ? _raw_spin_unlock_irqrestore+0x8f/0x140\n ? lockdep_hardirqs_on+0x99/0x150\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_default_wake_function+0x10/0x10\n ? __kthread_parkme+0x169/0x1d0\n ? __pfx_jfs_lazycommit+0x10/0x10\n kthread+0x2f2/0x390\n ? __pfx_jfs_lazycommit+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4d/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis happens when \u0027clear_inode()\u0027 makes an attempt to finalize an underlying\nJFS inode of unknown type. According to JFS layout description from\nhttps://jfs.sourceforge.net/project/pub/jfslayout.pdf, inode types from 5 to\n15 are reserved for future extensions and should not be encountered on a valid\nfilesystem. So add an extra check for valid inode type in \u0027copy_from_dinode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37925",
"url": "https://www.suse.com/security/cve/CVE-2025-37925"
},
{
"category": "external",
"summary": "SUSE Bug 1241654 for CVE-2025-37925",
"url": "https://bugzilla.suse.com/1241654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37925"
},
{
"cve": "CVE-2025-37928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don\u0027t schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [\u003cffffffd816231900\u003e] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37928",
"url": "https://www.suse.com/security/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "SUSE Bug 1243621 for CVE-2025-37928",
"url": "https://bugzilla.suse.com/1243621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37928"
},
{
"cve": "CVE-2025-37929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37929"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays\n\nCommit a5951389e58d (\"arm64: errata: Add newer ARM cores to the\nspectre_bhb_loop_affected() lists\") added some additional CPUs to the\nSpectre-BHB workaround, including some new arrays for designs that\nrequire new \u0027k\u0027 values for the workaround to be effective.\n\nUnfortunately, the new arrays omitted the sentinel entry and so\nis_midr_in_range_list() will walk off the end when it doesn\u0027t find a\nmatch. With UBSAN enabled, this leads to a crash during boot when\nis_midr_in_range_list() is inlined (which was more common prior to\nc8c2647e69be (\"arm64: Make _midr_in_range_list() an exported\nfunction\")):\n\n | Internal error: aarch64 BRK: 00000000f2000001 [#1] PREEMPT SMP\n | pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : spectre_bhb_loop_affected+0x28/0x30\n | lr : is_spectre_bhb_affected+0x170/0x190\n | [...]\n | Call trace:\n | spectre_bhb_loop_affected+0x28/0x30\n | update_cpu_capabilities+0xc0/0x184\n | init_cpu_features+0x188/0x1a4\n | cpuinfo_store_boot_cpu+0x4c/0x60\n | smp_prepare_boot_cpu+0x38/0x54\n | start_kernel+0x8c/0x478\n | __primary_switched+0xc8/0xd4\n | Code: 6b09011f 54000061 52801080 d65f03c0 (d4200020)\n | ---[ end trace 0000000000000000 ]---\n | Kernel panic - not syncing: aarch64 BRK: Fatal exception\n\nAdd the missing sentinel entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37929",
"url": "https://www.suse.com/security/cve/CVE-2025-37929"
},
{
"category": "external",
"summary": "SUSE Bug 1243624 for CVE-2025-37929",
"url": "https://bugzilla.suse.com/1243624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37929"
},
{
"cve": "CVE-2025-37930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()\n\nNouveau is mostly designed in a way that it\u0027s expected that fences only\never get signaled through nouveau_fence_signal(). However, in at least\none other place, nouveau_fence_done(), can signal fences, too. If that\nhappens (race) a signaled fence remains in the pending list for a while,\nuntil it gets removed by nouveau_fence_update().\n\nShould nouveau_fence_context_kill() run in the meantime, this would be\na bug because the function would attempt to set an error code on an\nalready signaled fence.\n\nHave nouveau_fence_context_kill() check for a fence being signaled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37930",
"url": "https://www.suse.com/security/cve/CVE-2025-37930"
},
{
"category": "external",
"summary": "SUSE Bug 1243625 for CVE-2025-37930",
"url": "https://bugzilla.suse.com/1243625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37930"
},
{
"cve": "CVE-2025-37931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: adjust subpage bit start based on sectorsize\n\nWhen running machines with 64k page size and a 16k nodesize we started\nseeing tree log corruption in production. This turned out to be because\nwe were not writing out dirty blocks sometimes, so this in fact affects\nall metadata writes.\n\nWhen writing out a subpage EB we scan the subpage bitmap for a dirty\nrange. If the range isn\u0027t dirty we do\n\n\tbit_start++;\n\nto move onto the next bit. The problem is the bitmap is based on the\nnumber of sectors that an EB has. So in this case, we have a 64k\npagesize, 16k nodesize, but a 4k sectorsize. This means our bitmap is 4\nbits for every node. With a 64k page size we end up with 4 nodes per\npage.\n\nTo make this easier this is how everything looks\n\n[0 16k 32k 48k ] logical address\n[0 4 8 12 ] radix tree offset\n[ 64k page ] folio\n[ 16k eb ][ 16k eb ][ 16k eb ][ 16k eb ] extent buffers\n[ | | | | | | | | | | | | | | | | ] bitmap\n\nNow we use all of our addressing based on fs_info-\u003esectorsize_bits, so\nas you can see the above our 16k eb-\u003estart turns into radix entry 4.\n\nWhen we find a dirty range for our eb, we correctly do bit_start +=\nsectors_per_node, because if we start at bit 0, the next bit for the\nnext eb is 4, to correspond to eb-\u003estart 16k.\n\nHowever if our range is clean, we will do bit_start++, which will now\nput us offset from our radix tree entries.\n\nIn our case, assume that the first time we check the bitmap the block is\nnot dirty, we increment bit_start so now it == 1, and then we loop\naround and check again. This time it is dirty, and we go to find that\nstart using the following equation\n\n\tstart = folio_start + bit_start * fs_info-\u003esectorsize;\n\nso in the case above, eb-\u003estart 0 is now dirty, and we calculate start\nas\n\n\t0 + 1 * fs_info-\u003esectorsize = 4096\n\t4096 \u003e\u003e 12 = 1\n\nNow we\u0027re looking up the radix tree for 1, and we won\u0027t find an eb.\nWhat\u0027s worse is now we\u0027re using bit_start == 1, so we do bit_start +=\nsectors_per_node, which is now 5. If that eb is dirty we will run into\nthe same thing, we will look at an offset that is not populated in the\nradix tree, and now we\u0027re skipping the writeout of dirty extent buffers.\n\nThe best fix for this is to not use sectorsize_bits to address nodes,\nbut that\u0027s a larger change. Since this is a fs corruption problem fix\nit simply by always using sectors_per_node to increment the start bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37931",
"url": "https://www.suse.com/security/cve/CVE-2025-37931"
},
{
"category": "external",
"summary": "SUSE Bug 1243626 for CVE-2025-37931",
"url": "https://bugzilla.suse.com/1243626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37931"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()\n\nIf dib8000_set_dds()\u0027s call to dib8000_read32() returns zero, the result\nis a divide-by-zero. Prevent that from happening.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/media/dvb-frontends/dib8000.o: warning: objtool: dib8000_tune() falls through to next function dib8096p_cfg_DibRx()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37937",
"url": "https://www.suse.com/security/cve/CVE-2025-37937"
},
{
"category": "external",
"summary": "SUSE Bug 1243540 for CVE-2025-37937",
"url": "https://bugzilla.suse.com/1243540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37937"
},
{
"cve": "CVE-2025-37943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi\n\nIn certain cases, hardware might provide packets with a\nlength greater than the maximum native Wi-Fi header length.\nThis can lead to accessing and modifying fields in the header\nwithin the ath12k_dp_rx_h_undecap_nwifi function for\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type and\npotentially resulting in invalid data access and memory corruption.\n\nAdd a sanity check before processing the SKB to prevent invalid\ndata access in the undecap native Wi-Fi function for the\nDP_RX_DECAP_TYPE_NATIVE_WIFI decap type.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37943",
"url": "https://www.suse.com/security/cve/CVE-2025-37943"
},
{
"category": "external",
"summary": "SUSE Bug 1243509 for CVE-2025-37943",
"url": "https://bugzilla.suse.com/1243509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37943"
},
{
"cve": "CVE-2025-37944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process\n\nCurrently, ath12k_dp_mon_srng_process uses ath12k_hal_srng_src_get_next_entry\nto fetch the next entry from the destination ring. This is incorrect because\nath12k_hal_srng_src_get_next_entry is intended for source rings, not destination\nrings. This leads to invalid entry fetches, causing potential data corruption or\ncrashes due to accessing incorrect memory locations. This happens because the\nsource ring and destination ring have different handling mechanisms and using\nthe wrong function results in incorrect pointer arithmetic and ring management.\n\nTo fix this issue, replace the call to ath12k_hal_srng_src_get_next_entry with\nath12k_hal_srng_dst_get_next_entry in ath12k_dp_mon_srng_process. This ensures\nthat the correct function is used for fetching entries from the destination\nring, preventing invalid memory accesses.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1\nTested-on: WCN7850 hw2.0 WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37944",
"url": "https://www.suse.com/security/cve/CVE-2025-37944"
},
{
"category": "external",
"summary": "SUSE Bug 1243530 for CVE-2025-37944",
"url": "https://bugzilla.suse.com/1243530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37944"
},
{
"cve": "CVE-2025-37948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Add BHB mitigation to the epilogue for cBPF programs\n\nA malicious BPF program may manipulate the branch history to influence\nwhat the hardware speculates will happen next.\n\nOn exit from a BPF program, emit the BHB mititgation sequence.\n\nThis is only applied for \u0027classic\u0027 cBPF programs that are loaded by\nseccomp.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37948",
"url": "https://www.suse.com/security/cve/CVE-2025-37948"
},
{
"category": "external",
"summary": "SUSE Bug 1243649 for CVE-2025-37948",
"url": "https://bugzilla.suse.com/1243649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37948"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Add job to pending list if the reset was skipped\n\nWhen a CL/CSD job times out, we check if the GPU has made any progress\nsince the last timeout. If so, instead of resetting the hardware, we skip\nthe reset and let the timer get rearmed. This gives long-running jobs a\nchance to complete.\n\nHowever, when `timedout_job()` is called, the job in question is removed\nfrom the pending list, which means it won\u0027t be automatically freed through\n`free_job()`. Consequently, when we skip the reset and keep the job\nrunning, the job won\u0027t be freed when it finally completes.\n\nThis situation leads to a memory leak, as exposed in [1] and [2].\n\nSimilarly to commit 704d3d60fec4 (\"drm/etnaviv: don\u0027t block scheduler when\nGPU is still active\"), this patch ensures the job is put back on the\npending list when extending the timeout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37951",
"url": "https://www.suse.com/security/cve/CVE-2025-37951"
},
{
"category": "external",
"summary": "SUSE Bug 1243659 for CVE-2025-37951",
"url": "https://bugzilla.suse.com/1243659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37951"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Avoid race in open_cached_dir with lease breaks\n\nA pre-existing valid cfid returned from find_or_create_cached_dir might\nrace with a lease break, meaning open_cached_dir doesn\u0027t consider it\nvalid, and thinks it\u0027s newly-constructed. This leaks a dentry reference\nif the allocation occurs before the queued lease break work runs.\n\nAvoid the race by extending holding the cfid_list_lock across\nfind_or_create_cached_dir and when the result is checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37954",
"url": "https://www.suse.com/security/cve/CVE-2025-37954"
},
{
"category": "external",
"summary": "SUSE Bug 1243664 for CVE-2025-37954",
"url": "https://bugzilla.suse.com/1243664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37954"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37959",
"url": "https://www.suse.com/security/cve/CVE-2025-37959"
},
{
"category": "external",
"summary": "SUSE Bug 1243517 for CVE-2025-37959",
"url": "https://bugzilla.suse.com/1243517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: bpf: Only mitigate cBPF programs loaded by unprivileged users\n\nSupport for eBPF programs loaded by unprivileged users is typically\ndisabled. This means only cBPF programs need to be mitigated for BHB.\n\nIn addition, only mitigate cBPF programs that were loaded by an\nunprivileged user. Privileged users can also load the same program\nvia eBPF, making the mitigation pointless.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37963",
"url": "https://www.suse.com/security/cve/CVE-2025-37963"
},
{
"category": "external",
"summary": "SUSE Bug 1243660 for CVE-2025-37963",
"url": "https://bugzilla.suse.com/1243660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "low"
}
],
"title": "CVE-2025-37963"
},
{
"cve": "CVE-2025-37969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo\n\nPrevent st_lsm6dsx_read_tagged_fifo from falling in an infinite loop in\ncase pattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37969",
"url": "https://www.suse.com/security/cve/CVE-2025-37969"
},
{
"category": "external",
"summary": "SUSE Bug 1243574 for CVE-2025-37969",
"url": "https://bugzilla.suse.com/1243574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37969"
},
{
"cve": "CVE-2025-37970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo\n\nPrevent st_lsm6dsx_read_fifo from falling in an infinite loop in case\npattern_len is equal to zero and the device FIFO is not empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37970",
"url": "https://www.suse.com/security/cve/CVE-2025-37970"
},
{
"category": "external",
"summary": "SUSE Bug 1243575 for CVE-2025-37970",
"url": "https://bugzilla.suse.com/1243575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37970"
},
{
"cve": "CVE-2025-37972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37972",
"url": "https://www.suse.com/security/cve/CVE-2025-37972"
},
{
"category": "external",
"summary": "SUSE Bug 1243573 for CVE-2025-37972",
"url": "https://bugzilla.suse.com/1243573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-37978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: integrity: Do not call set_page_dirty_lock()\n\nPlacing multiple protection information buffers inside the same page\ncan lead to oopses because set_page_dirty_lock() can\u0027t be called from\ninterrupt context.\n\nSince a protection information buffer is not backed by a file there is\nno point in setting its page dirty, there is nothing to synchronize.\nDrop the call to set_page_dirty_lock() and remove the last argument to\nbio_integrity_unpin_bvec().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37978",
"url": "https://www.suse.com/security/cve/CVE-2025-37978"
},
{
"category": "external",
"summary": "SUSE Bug 1243516 for CVE-2025-37978",
"url": "https://bugzilla.suse.com/1243516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37978"
},
{
"cve": "CVE-2025-37979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix sc7280 lpass potential buffer overflow\n\nCase values introduced in commit\n5f78e1fb7a3e (\"ASoC: qcom: Add driver support for audioreach solution\")\ncause out of bounds access in arrays of sc7280 driver data (e.g. in case\nof RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()).\n\nRedefine LPASS_MAX_PORTS to consider the maximum possible port id for\nq6dsp as sc7280 driver utilizes some of those values.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37979",
"url": "https://www.suse.com/security/cve/CVE-2025-37979"
},
{
"category": "external",
"summary": "SUSE Bug 1243545 for CVE-2025-37979",
"url": "https://bugzilla.suse.com/1243545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37979"
},
{
"cve": "CVE-2025-37980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37980",
"url": "https://www.suse.com/security/cve/CVE-2025-37980"
},
{
"category": "external",
"summary": "SUSE Bug 1243522 for CVE-2025-37980",
"url": "https://bugzilla.suse.com/1243522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-37982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37982",
"url": "https://www.suse.com/security/cve/CVE-2025-37982"
},
{
"category": "external",
"summary": "SUSE Bug 1243524 for CVE-2025-37982",
"url": "https://bugzilla.suse.com/1243524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37982"
},
{
"cve": "CVE-2025-37983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix _another_ leak\n\nfailure to allocate inode =\u003e leaked dentry...\n\nthis one had been there since the initial merge; to be fair,\nif we are that far OOM, the odds of failing at that particular\nallocation are low...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37983",
"url": "https://www.suse.com/security/cve/CVE-2025-37983"
},
{
"category": "external",
"summary": "SUSE Bug 1243567 for CVE-2025-37983",
"url": "https://bugzilla.suse.com/1243567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37983"
},
{
"cve": "CVE-2025-37985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: wdm: close race between wdm_open and wdm_wwan_port_stop\n\nClearing WDM_WWAN_IN_USE must be the last action or\nwe can open a chardev whose URBs are still poisoned",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37985",
"url": "https://www.suse.com/security/cve/CVE-2025-37985"
},
{
"category": "external",
"summary": "SUSE Bug 1243529 for CVE-2025-37985",
"url": "https://bugzilla.suse.com/1243529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37985"
},
{
"cve": "CVE-2025-37986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Invalidate USB device pointers on partner unregistration\n\nTo avoid using invalid USB device pointers after a Type-C partner\ndisconnects, this patch clears the pointers upon partner unregistration.\nThis ensures a clean state for future connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37986",
"url": "https://www.suse.com/security/cve/CVE-2025-37986"
},
{
"category": "external",
"summary": "SUSE Bug 1243515 for CVE-2025-37986",
"url": "https://bugzilla.suse.com/1243515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37986"
},
{
"cve": "CVE-2025-37989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: leds: fix memory leak\n\nA network restart test on a router led to an out-of-memory condition,\nwhich was traced to a memory leak in the PHY LED trigger code.\n\nThe root cause is misuse of the devm API. The registration function\n(phy_led_triggers_register) is called from phy_attach_direct, not\nphy_probe, and the unregister function (phy_led_triggers_unregister)\nis called from phy_detach, not phy_remove. This means the register and\nunregister functions can be called multiple times for the same PHY\ndevice, but devm-allocated memory is not freed until the driver is\nunbound.\n\nThis also prevents kmemleak from detecting the leak, as the devm API\ninternally stores the allocated pointer.\n\nFix this by replacing devm_kzalloc/devm_kcalloc with standard\nkzalloc/kcalloc, and add the corresponding kfree calls in the unregister\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37989",
"url": "https://www.suse.com/security/cve/CVE-2025-37989"
},
{
"category": "external",
"summary": "SUSE Bug 1243511 for CVE-2025-37989",
"url": "https://bugzilla.suse.com/1243511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37989"
},
{
"cve": "CVE-2025-37990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage()\n\nThe function brcmf_usb_dl_writeimage() calls the function\nbrcmf_usb_dl_cmd() but dose not check its return value. The\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized if the\nfunction brcmf_usb_dl_cmd() fails. It is dangerous to use\nuninitialized variables in the conditions.\n\nAdd error handling for brcmf_usb_dl_cmd() to jump to error\nhandling path if the brcmf_usb_dl_cmd() fails and the\n\u0027state.state\u0027 and the \u0027state.bytes\u0027 are uninitialized.\n\nImprove the error message to report more detailed error\ninformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37990",
"url": "https://www.suse.com/security/cve/CVE-2025-37990"
},
{
"category": "external",
"summary": "SUSE Bug 1243528 for CVE-2025-37990",
"url": "https://bugzilla.suse.com/1243528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37990"
},
{
"cve": "CVE-2025-38104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV\n\nRLCG Register Access is a way for virtual functions to safely access GPU\nregisters in a virtualized environment., including TLB flushes and\nregister reads. When multiple threads or VFs try to access the same\nregisters simultaneously, it can lead to race conditions. By using the\nRLCG interface, the driver can serialize access to the registers. This\nmeans that only one thread can access the registers at a time,\npreventing conflicts and ensuring that operations are performed\ncorrectly. Additionally, when a low-priority task holds a mutex that a\nhigh-priority task needs, ie., If a thread holding a spinlock tries to\nacquire a mutex, it can lead to priority inversion. register access in\namdgpu_virt_rlcg_reg_rw especially in a fast code path is critical.\n\nThe call stack shows that the function amdgpu_virt_rlcg_reg_rw is being\ncalled, which attempts to acquire the mutex. This function is invoked\nfrom amdgpu_sriov_wreg, which in turn is called from\ngmc_v11_0_flush_gpu_tlb.\n\nThe [ BUG: Invalid wait context ] indicates that a thread is trying to\nacquire a mutex while it is in a context that does not allow it to sleep\n(like holding a spinlock).\n\nFixes the below:\n\n[ 253.013423] =============================\n[ 253.013434] [ BUG: Invalid wait context ]\n[ 253.013446] 6.12.0-amdstaging-drm-next-lol-050225 #14 Tainted: G U OE\n[ 253.013464] -----------------------------\n[ 253.013475] kworker/0:1/10 is trying to lock:\n[ 253.013487] ffff9f30542e3cf8 (\u0026adev-\u003evirt.rlcg_reg_lock){+.+.}-{3:3}, at: amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.013815] other info that might help us debug this:\n[ 253.013827] context-{4:4}\n[ 253.013835] 3 locks held by kworker/0:1/10:\n[ 253.013847] #0: ffff9f3040050f58 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x3f5/0x680\n[ 253.013877] #1: ffffb789c008be40 ((work_completion)(\u0026wfc.work)){+.+.}-{0:0}, at: process_one_work+0x1d6/0x680\n[ 253.013905] #2: ffff9f3054281838 (\u0026adev-\u003egmc.invalidate_lock){+.+.}-{2:2}, at: gmc_v11_0_flush_gpu_tlb+0x198/0x4f0 [amdgpu]\n[ 253.014154] stack backtrace:\n[ 253.014164] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G U OE 6.12.0-amdstaging-drm-next-lol-050225 #14\n[ 253.014189] Tainted: [U]=USER, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n[ 253.014203] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/18/2024\n[ 253.014224] Workqueue: events work_for_cpu_fn\n[ 253.014241] Call Trace:\n[ 253.014250] \u003cTASK\u003e\n[ 253.014260] dump_stack_lvl+0x9b/0xf0\n[ 253.014275] dump_stack+0x10/0x20\n[ 253.014287] __lock_acquire+0xa47/0x2810\n[ 253.014303] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014321] lock_acquire+0xd1/0x300\n[ 253.014333] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014562] ? __lock_acquire+0xa6b/0x2810\n[ 253.014578] __mutex_lock+0x85/0xe20\n[ 253.014591] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.014782] ? sched_clock_noinstr+0x9/0x10\n[ 253.014795] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.014808] ? local_clock_noinstr+0xe/0xc0\n[ 253.014822] ? amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015012] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.015029] mutex_lock_nested+0x1b/0x30\n[ 253.015044] ? mutex_lock_nested+0x1b/0x30\n[ 253.015057] amdgpu_virt_rlcg_reg_rw+0xf6/0x330 [amdgpu]\n[ 253.015249] amdgpu_sriov_wreg+0xc5/0xd0 [amdgpu]\n[ 253.015435] gmc_v11_0_flush_gpu_tlb+0x44b/0x4f0 [amdgpu]\n[ 253.015667] gfx_v11_0_hw_init+0x499/0x29c0 [amdgpu]\n[ 253.015901] ? __pfx_smu_v13_0_update_pcie_parameters+0x10/0x10 [amdgpu]\n[ 253.016159] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 253.016173] ? smu_hw_init+0x18d/0x300 [amdgpu]\n[ 253.016403] amdgpu_device_init+0x29ad/0x36a0 [amdgpu]\n[ 253.016614] amdgpu_driver_load_kms+0x1a/0xc0 [amdgpu]\n[ 253.0170\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38104",
"url": "https://www.suse.com/security/cve/CVE-2025-38104"
},
{
"category": "external",
"summary": "SUSE Bug 1241635 for CVE-2025-38104",
"url": "https://bugzilla.suse.com/1241635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-38104"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38240",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38240"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr\n\nThe function mtk_dp_wait_hpd_asserted() may be called before the\n`mtk_dp-\u003edrm_dev` pointer is assigned in mtk_dp_bridge_attach().\nSpecifically it can be called via this callpath:\n - mtk_edp_wait_hpd_asserted\n - [panel probe]\n - dp_aux_ep_probe\n\nUsing \"drm\" level prints anywhere in this callpath causes a NULL\npointer dereference. Change the error message directly in\nmtk_dp_wait_hpd_asserted() to dev_err() to avoid this. Also change the\nerror messages in mtk_dp_parse_capabilities(), which is called by\nmtk_dp_wait_hpd_asserted().\n\nWhile touching these prints, also add the error code to them to make\nfuture debugging easier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38240",
"url": "https://www.suse.com/security/cve/CVE-2025-38240"
},
{
"category": "external",
"summary": "SUSE Bug 1241457 for CVE-2025-38240",
"url": "https://bugzilla.suse.com/1241457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-38240"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix slab-out-of-bounds read in ea_get()\n\nDuring the \"size_check\" label in ea_get(), the code checks if the extended\nattribute list (xattr) size matches ea_size. If not, it logs\n\"ea_get: invalid extended attribute\" and calls print_hex_dump().\n\nHere, EALIST_SIZE(ea_buf-\u003exattr) returns 4110417968, which exceeds\nINT_MAX (2,147,483,647). Then ea_size is clamped:\n\n\tint size = clamp_t(int, ea_size, 0, EALIST_SIZE(ea_buf-\u003exattr));\n\nAlthough clamp_t aims to bound ea_size between 0 and 4110417968, the upper\nlimit is treated as an int, causing an overflow above 2^31 - 1. This leads\n\"size\" to wrap around and become negative (-184549328).\n\nThe \"size\" is then passed to print_hex_dump() (called \"len\" in\nprint_hex_dump()), it is passed as type size_t (an unsigned\ntype), this is then stored inside a variable called\n\"int remaining\", which is then assigned to \"int linelen\" which\nis then passed to hex_dump_to_buffer(). In print_hex_dump()\nthe for loop, iterates through 0 to len-1, where len is\n18446744073525002176, calling hex_dump_to_buffer()\non each iteration:\n\n\tfor (i = 0; i \u003c len; i += rowsize) {\n\t\tlinelen = min(remaining, rowsize);\n\t\tremaining -= rowsize;\n\n\t\thex_dump_to_buffer(ptr + i, linelen, rowsize, groupsize,\n\t\t\t\t linebuf, sizeof(linebuf), ascii);\n\n\t\t...\n\t}\n\nThe expected stopping condition (i \u003c len) is effectively broken\nsince len is corrupted and very large. This eventually leads to\nthe \"ptr+i\" being passed to hex_dump_to_buffer() to get closer\nto the end of the actual bounds of \"ptr\", eventually an out of\nbounds access is done in hex_dump_to_buffer() in the following\nfor loop:\n\n\tfor (j = 0; j \u003c len; j++) {\n\t\t\tif (linebuflen \u003c lx + 2)\n\t\t\t\tgoto overflow2;\n\t\t\tch = ptr[j];\n\t\t...\n\t}\n\nTo fix this we should validate \"EALIST_SIZE(ea_buf-\u003exattr)\"\nbefore it is utilised.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39735",
"url": "https://www.suse.com/security/cve/CVE-2025-39735"
},
{
"category": "external",
"summary": "SUSE Bug 1241625 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241625"
},
{
"category": "external",
"summary": "SUSE Bug 1241699 for CVE-2025-39735",
"url": "https://bugzilla.suse.com/1241699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "important"
}
],
"title": "CVE-2025-39735"
},
{
"cve": "CVE-2025-40014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nobjtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()\n\nIf speed_hz \u003c AMD_SPI_MIN_HZ, amd_set_spi_freq() iterates over the\nentire amd_spi_freq array without breaking out early, causing \u0027i\u0027 to go\nbeyond the array bounds.\n\nFix that by stopping the loop when it gets to the last entry, so the low\nspeed_hz value gets clamped up to AMD_SPI_MIN_HZ.\n\nFixes the following warning with an UBSAN kernel:\n\n drivers/spi/spi-amd.o: error: objtool: amd_set_spi_freq() falls through to next function amd_spi_set_opcode()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40014",
"url": "https://www.suse.com/security/cve/CVE-2025-40014"
},
{
"category": "external",
"summary": "SUSE Bug 1241644 for CVE-2025-40014",
"url": "https://bugzilla.suse.com/1241644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-40014"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-30.1.21.8.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-30.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-30.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-30.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-15T12:06:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
suse-su-2025:02611-1
Vulnerability from csaf_suse
Published
2025-08-03 16:34
Modified
2025-08-03 16:34
Summary
Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)
Description of the patch
This update for the Linux Kernel 5.14.21-150400_24_158 fixes several issues.
The following security issues were fixed:
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797).
Patchnames
SUSE-2025-2611,SUSE-SLE-Module-Live-Patching-15-SP4-2025-2611
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_24_158 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).\n- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2611,SUSE-SLE-Module-Live-Patching-15-SP4-2025-2611",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02611-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02611-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502611-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02611-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041017.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE Bug 1245804",
"url": "https://bugzilla.suse.com/1245804"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2025-08-03T16:34:14Z",
"generator": {
"date": "2025-08-03T16:34:14Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02611-1",
"initial_release_date": "2025-08-03T16:34:14Z",
"revision_history": [
{
"date": "2025-08-03T16:34:14Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: sync_linked_regs() must preserve subreg_def\n\nRange propagation must not affect subreg_def marks, otherwise the\nfollowing example is rewritten by verifier incorrectly when\nBPF_F_TEST_RND_HI32 flag is set:\n\n 0: call bpf_ktime_get_ns call bpf_ktime_get_ns\n 1: r0 \u0026= 0x7fffffff after verifier r0 \u0026= 0x7fffffff\n 2: w1 = w0 rewrites w1 = w0\n 3: if w0 \u003c 10 goto +0 --------------\u003e r11 = 0x2f5674a6 (r)\n 4: r1 \u003e\u003e= 32 r11 \u003c\u003c= 32 (r)\n 5: r0 = r1 r1 |= r11 (r)\n 6: exit; if w0 \u003c 0xa goto pc+0\n r1 \u003e\u003e= 32\n r0 = r1\n exit\n\n(or zero extension of w1 at (2) is missing for architectures that\n require zero extension for upper register half).\n\nThe following happens w/o this patch:\n- r0 is marked as not a subreg at (0);\n- w1 is marked as subreg at (2);\n- w1 subreg_def is overridden at (3) by copy_register_state();\n- w1 is read at (5) but mark_insn_zext() does not mark (2)\n for zero extension, because w1 subreg_def is not set;\n- because of BPF_F_TEST_RND_HI32 flag verifier inserts random\n value for hi32 bits of (2) (marked (r));\n- this random value is read at (5).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53125",
"url": "https://www.suse.com/security/cve/CVE-2024-53125"
},
{
"category": "external",
"summary": "SUSE Bug 1234156 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "external",
"summary": "SUSE Bug 1245804 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1245804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-03T16:34:14Z",
"details": "important"
}
],
"title": "CVE-2024-53125"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-03T16:34:14Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-03T16:34:14Z",
"details": "moderate"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_158-default-3-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-03T16:34:14Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
}
]
}
suse-su-2025:20624-1
Vulnerability from csaf_suse
Published
2025-08-25 12:45
Modified
2025-08-25 12:45
Summary
Security update for kernel-livepatch-MICRO-6-0-RT_Update_8
Notes
Title of the patch
Security update for kernel-livepatch-MICRO-6-0-RT_Update_8
Description of the patch
This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
Patchnames
SUSE-SLE-Micro-6.1-kernel-72
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-livepatch-MICRO-6-0-RT_Update_8",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-livepatch-MICRO-6-0-RT_Update_8 fixes the following issues:\n\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-72",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20624-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20624-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520624-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20624-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041437.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
}
],
"title": "Security update for kernel-livepatch-MICRO-6-0-RT_Update_8",
"tracking": {
"current_release_date": "2025-08-25T12:45:12Z",
"generator": {
"date": "2025-08-25T12:45:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20624-1",
"initial_release_date": "2025-08-25T12:45:12Z",
"revision_history": [
{
"date": "2025-08-25T12:45:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:45:12Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:45:12Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-31-rt-2-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:45:12Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
}
]
}
suse-su-2025:02602-1
Vulnerability from csaf_suse
Published
2025-08-02 06:06
Modified
2025-08-02 06:06
Summary
Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)
Notes
Title of the patch
Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)
Description of the patch
This update for the Linux Kernel 6.4.0-150600_10_26 fixes several issues.
The following security issues were fixed:
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797).
Patchnames
SUSE-2025-2602,SUSE-SLE-Module-Live-Patching-15-SP6-2025-2602
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 6.4.0-150600_10_26 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2602,SUSE-SLE-Module-Live-Patching-15-SP6-2025-2602",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02602-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02602-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502602-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02602-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041048.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)",
"tracking": {
"current_release_date": "2025-08-02T06:06:06Z",
"generator": {
"date": "2025-08-02T06:06:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02602-1",
"initial_release_date": "2025-08-02T06:06:06Z",
"revision_history": [
{
"date": "2025-08-02T06:06:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-02T06:06:06Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-02T06:06:06Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_26-rt-4-150600.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-02T06:06:06Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
}
]
}
suse-su-2025:02627-1
Vulnerability from csaf_suse
Published
2025-08-04 08:34
Modified
2025-08-04 08:34
Summary
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)
Description of the patch
This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues.
The following security issues were fixed:
- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228645).
Patchnames
SUSE-2025-2627,SUSE-SLE-Module-Live-Patching-15-SP3-2025-2627
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235250).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797).\n- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228645).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2627,SUSE-SLE-Module-Live-Patching-15-SP3-2025-2627",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02627-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02627-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502627-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02627-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041055.html"
},
{
"category": "self",
"summary": "SUSE Bug 1228645",
"url": "https://bugzilla.suse.com/1228645"
},
{
"category": "self",
"summary": "SUSE Bug 1235250",
"url": "https://bugzilla.suse.com/1235250"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56664 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2025-08-04T08:34:47Z",
"generator": {
"date": "2025-08-04T08:34:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02627-1",
"initial_release_date": "2025-08-04T08:34:47Z",
"revision_history": [
{
"date": "2025-08-04T08:34:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_167-preempt-17-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_167-preempt-17-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_167-preempt-17-150300.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-41069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: topology: Fix references to freed memory\n\nMost users after parsing a topology file, release memory used by it, so\nhaving pointer references directly into topology file contents is wrong.\nUse devm_kmemdup(), to allocate memory as needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41069",
"url": "https://www.suse.com/security/cve/CVE-2024-41069"
},
{
"category": "external",
"summary": "SUSE Bug 1228644 for CVE-2024-41069",
"url": "https://bugzilla.suse.com/1228644"
},
{
"category": "external",
"summary": "SUSE Bug 1228645 for CVE-2024-41069",
"url": "https://bugzilla.suse.com/1228645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T08:34:47Z",
"details": "important"
}
],
"title": "CVE-2024-41069"
},
{
"cve": "CVE-2024-56664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket\u0027s close() link popping \u0026 unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(\u0026stab-\u003elock)\n osk = stab-\u003esks[idx]\n sock_map_add_link(..., \u0026stab-\u003esks[idx])\n sock_map_unref(osk, \u0026stab-\u003esks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(\u0026psock))\n sk_psock_drop(sk, psock)\n spin_unlock(\u0026stab-\u003elock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(\u0026stab-\u003elock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(\u0026stab-\u003elock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56664",
"url": "https://www.suse.com/security/cve/CVE-2024-56664"
},
{
"category": "external",
"summary": "SUSE Bug 1235249 for CVE-2024-56664",
"url": "https://bugzilla.suse.com/1235249"
},
{
"category": "external",
"summary": "SUSE Bug 1235250 for CVE-2024-56664",
"url": "https://bugzilla.suse.com/1235250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T08:34:47Z",
"details": "important"
}
],
"title": "CVE-2024-56664"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T08:34:47Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T08:34:47Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_167-default-17-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-04T08:34:47Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
}
]
}
suse-su-2025:02322-1
Vulnerability from csaf_suse
Published
2025-07-15 14:31
Modified
2025-07-15 14:31
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47557: net/sched: sch_ets: do not peek at classes beyond 'nbands' (bsc#1207361 bsc#1225468).
- CVE-2021-47595: net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1207361 bsc#1226552).
- CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821).
- CVE-2023-52925: netfilter: nf_tables: do not fail inserts if duplicate has expired (bsc#1236822).
- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21756: vsock: Orphan socket after transport release (bsc#1238876).
- CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330).
- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
- CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732).
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183).
The following non-security bugs were fixed:
- Fix conditional for selecting gcc-13 Fixes: 51dacec21eb1 ('Use gcc-13 for build on SLE16 (jsc#PED-10028).')
- Fix reference in 'net_sched: sch_sfq: use a temporary work area for validating configuration' (bsc#1242504)
- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build')
- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ('bs-upload-kernel: Pass limit_packages also on multibuild')
- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.
- Require zstd in kernel-default-devel when module compression is zstd To use ksym-provides tool modules need to be uncompressed. Without zstd at least kernel-default-base does not have provides. Link: https://github.com/openSUSE/rpm-config-SUSE/pull/82
- Test the correct macro to detect RT kernel build Fixes: 470cd1a41502 ('kernel-binary: Support livepatch_rt with merged RT branch')
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- add nf_tables for iptables non-legacy network handling This is needed for example by docker on the Alpine Linux distribution, but can also be used on openSUSE.
- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc ('MyBS: Use buildflags to set which package to build') Fixes: 747f601d4156 ('bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)')
- check-for-config-changes: Fix flag name typo
- doc/README.SUSE: Point to the updated version of LKMPG
- hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-obs-qa: Use srchash for dependency as well
- kernel-source: Also replace bin/env
- kernel-source: Also update the search to match bin/env Fixes: dc2037cd8f94 ('kernel-source: Also replace bin/env'
- kernel-source: Do not use multiple -r in sed parameters
- kernel-source: Remove log.sh from sources
- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
- packaging: Turn gcc version into config.sh variable Fixes: 51dacec21eb1 ('Use gcc-13 for build on SLE16 (jsc#PED-10028).')
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN Both spellings are actually used
- rpm/check-for-config-changes: add LD_CAN_ to IGNORED_CONFIGS_RE
- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.
- rpm/check-for-config-changes: ignore DRM_MSM_VALIDATE_XML This option is dynamically enabled to build-test different configurations. This makes run_oldconfig.sh complain sporadically for arm64.
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.
- rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038). OrderWithRequires was introduced in rpm 4.9 (ie. SLE12+) to allow a package to inform the order of installation of other package without hard requiring that package. This means our kernel-binary packages no longer need to hard require perl-Bootloader or dracut, resolving the long-commented issue there. This is also needed for udev & systemd-boot to ensure those packages are installed before being called by dracut (boo#1228659)
- rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454)
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- rpm: Stop using is_kotd_qa macro This macro is set by bs-upload-kernel, and a conditional in each spec file is used to determine when to build the spec file. This logic should not really be in the spec file. Previously this was done with package links and package meta for the individula links. However, the use of package links is rejected for packages in git based release projects (nothing to do with git actually, new policy). An alternative to package links is multibuild. However, for multibuild packages package meta cannot be used to set which spec file gets built. Use prjcon buildflags instead, and remove this conditional. Depends on bs-upload-kernel adding the build flag.
- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
- scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455).
- wifi: cfg80211: Add my certificate (bsc#1243001).
- wifi: cfg80211: fix certs build to not depend on file order (bsc#1243001).
Patchnames
SUSE-2025-2322,SUSE-SLE-Micro-5.3-2025-2322,SUSE-SLE-Micro-5.4-2025-2322
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-47557: net/sched: sch_ets: do not peek at classes beyond \u0027nbands\u0027 (bsc#1207361 bsc#1225468).\n- CVE-2021-47595: net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1207361 bsc#1226552).\n- CVE-2023-52924: netfilter: nf_tables: do not skip expired elements during walk (bsc#1236821).\n- CVE-2023-52925: netfilter: nf_tables: do not fail inserts if duplicate has expired (bsc#1236822).\n- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).\n- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).\n- CVE-2024-27397: kabi: place tstamp needed for nftables set in a hole (bsc#1224095).\n- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).\n- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).\n- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).\n- CVE-2024-56770: sch/netem: fix use after free in netem_dequeue (bsc#1235637).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21756: vsock: Orphan socket after transport release (bsc#1238876).\n- CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37890: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (bsc#1243330).\n- CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).\n- CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).\n- CVE-2025-38014: dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (bsc#1244732).\n- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245183).\n\nThe following non-security bugs were fixed:\n\n- Fix conditional for selecting gcc-13 Fixes: 51dacec21eb1 (\u0027Use gcc-13 for build on SLE16 (jsc#PED-10028).\u0027)\n- Fix reference in \u0027net_sched: sch_sfq: use a temporary work area for validating configuration\u0027 (bsc#1242504)\n- MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc (\u0027MyBS: Use buildflags to set which package to build\u0027)\n- MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b (\u0027bs-upload-kernel: Pass limit_packages also on multibuild\u0027)\n- MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.\n- Require zstd in kernel-default-devel when module compression is zstd To use ksym-provides tool modules need to be uncompressed. Without zstd at least kernel-default-base does not have provides. Link: https://github.com/openSUSE/rpm-config-SUSE/pull/82\n- Test the correct macro to detect RT kernel build Fixes: 470cd1a41502 (\u0027kernel-binary: Support livepatch_rt with merged RT branch\u0027)\n- Use gcc-13 for build on SLE16 (jsc#PED-10028).\n- add nf_tables for iptables non-legacy network handling This is needed for example by docker on the Alpine Linux distribution, but can also be used on openSUSE.\n- bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc (\u0027MyBS: Use buildflags to set which package to build\u0027) Fixes: 747f601d4156 (\u0027bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)\u0027)\n- check-for-config-changes: Fix flag name typo\n- doc/README.SUSE: Point to the updated version of LKMPG\n- hugetlb: unshare some PMDs when splitting VMAs (bsc#1245431).\n- kernel-binary: Support livepatch_rt with merged RT branch\n- kernel-obs-qa: Use srchash for dependency as well\n- kernel-source: Also replace bin/env\n- kernel-source: Also update the search to match bin/env Fixes: dc2037cd8f94 (\u0027kernel-source: Also replace bin/env\u0027\n- kernel-source: Do not use multiple -r in sed parameters\n- kernel-source: Remove log.sh from sources\n- mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).\n- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).\n- mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).\n- net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).\n- packaging: Turn gcc version into config.sh variable Fixes: 51dacec21eb1 (\u0027Use gcc-13 for build on SLE16 (jsc#PED-10028).\u0027)\n- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).\n- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN Both spellings are actually used\n- rpm/check-for-config-changes: add LD_CAN_ to IGNORED_CONFIGS_RE\n- rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang.\n- rpm/check-for-config-changes: ignore DRM_MSM_VALIDATE_XML This option is dynamically enabled to build-test different configurations. This makes run_oldconfig.sh complain sporadically for arm64.\n- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.\n- rpm/kernel-binary.spec.in: Use OrderWithRequires (boo#1228659 boo#1241038). OrderWithRequires was introduced in rpm 4.9 (ie. SLE12+) to allow a package to inform the order of installation of other package without hard requiring that package. This means our kernel-binary packages no longer need to hard require perl-Bootloader or dracut, resolving the long-commented issue there. This is also needed for udev \u0026 systemd-boot to ensure those packages are installed before being called by dracut (boo#1228659)\n- rpm/kernel-binary.spec.in: fix KMPs build on 6.13+ (bsc#1234454)\n- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)\n- rpm/package-descriptions: Add rt and rt_debug descriptions\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)\n- rpm: Stop using is_kotd_qa macro This macro is set by bs-upload-kernel, and a conditional in each spec file is used to determine when to build the spec file. This logic should not really be in the spec file. Previously this was done with package links and package meta for the individula links. However, the use of package links is rejected for packages in git based release projects (nothing to do with git actually, new policy). An alternative to package links is multibuild. However, for multibuild packages package meta cannot be used to set which spec file gets built. Use prjcon buildflags instead, and remove this conditional. Depends on bs-upload-kernel adding the build flag.\n- scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).\n- scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455).\n- wifi: cfg80211: Add my certificate (bsc#1243001).\n- wifi: cfg80211: fix certs build to not depend on file order (bsc#1243001).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2322,SUSE-SLE-Micro-5.3-2025-2322,SUSE-SLE-Micro-5.4-2025-2322",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02322-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02322-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502322-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02322-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040712.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1156395",
"url": "https://bugzilla.suse.com/1156395"
},
{
"category": "self",
"summary": "SUSE Bug 1193629",
"url": "https://bugzilla.suse.com/1193629"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1198410",
"url": "https://bugzilla.suse.com/1198410"
},
{
"category": "self",
"summary": "SUSE Bug 1199356",
"url": "https://bugzilla.suse.com/1199356"
},
{
"category": "self",
"summary": "SUSE Bug 1199487",
"url": "https://bugzilla.suse.com/1199487"
},
{
"category": "self",
"summary": "SUSE Bug 1201160",
"url": "https://bugzilla.suse.com/1201160"
},
{
"category": "self",
"summary": "SUSE Bug 1201956",
"url": "https://bugzilla.suse.com/1201956"
},
{
"category": "self",
"summary": "SUSE Bug 1202094",
"url": "https://bugzilla.suse.com/1202094"
},
{
"category": "self",
"summary": "SUSE Bug 1202095",
"url": "https://bugzilla.suse.com/1202095"
},
{
"category": "self",
"summary": "SUSE Bug 1202564",
"url": "https://bugzilla.suse.com/1202564"
},
{
"category": "self",
"summary": "SUSE Bug 1202716",
"url": "https://bugzilla.suse.com/1202716"
},
{
"category": "self",
"summary": "SUSE Bug 1202823",
"url": "https://bugzilla.suse.com/1202823"
},
{
"category": "self",
"summary": "SUSE Bug 1202860",
"url": "https://bugzilla.suse.com/1202860"
},
{
"category": "self",
"summary": "SUSE Bug 1203197",
"url": "https://bugzilla.suse.com/1203197"
},
{
"category": "self",
"summary": "SUSE Bug 1203361",
"url": "https://bugzilla.suse.com/1203361"
},
{
"category": "self",
"summary": "SUSE Bug 1205220",
"url": "https://bugzilla.suse.com/1205220"
},
{
"category": "self",
"summary": "SUSE Bug 1205514",
"url": "https://bugzilla.suse.com/1205514"
},
{
"category": "self",
"summary": "SUSE Bug 1206664",
"url": "https://bugzilla.suse.com/1206664"
},
{
"category": "self",
"summary": "SUSE Bug 1206878",
"url": "https://bugzilla.suse.com/1206878"
},
{
"category": "self",
"summary": "SUSE Bug 1206880",
"url": "https://bugzilla.suse.com/1206880"
},
{
"category": "self",
"summary": "SUSE Bug 1207361",
"url": "https://bugzilla.suse.com/1207361"
},
{
"category": "self",
"summary": "SUSE Bug 1207638",
"url": "https://bugzilla.suse.com/1207638"
},
{
"category": "self",
"summary": "SUSE Bug 1211226",
"url": "https://bugzilla.suse.com/1211226"
},
{
"category": "self",
"summary": "SUSE Bug 1212051",
"url": "https://bugzilla.suse.com/1212051"
},
{
"category": "self",
"summary": "SUSE Bug 1213090",
"url": "https://bugzilla.suse.com/1213090"
},
{
"category": "self",
"summary": "SUSE Bug 1218184",
"url": "https://bugzilla.suse.com/1218184"
},
{
"category": "self",
"summary": "SUSE Bug 1218234",
"url": "https://bugzilla.suse.com/1218234"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1222634",
"url": "https://bugzilla.suse.com/1222634"
},
{
"category": "self",
"summary": "SUSE Bug 1223675",
"url": "https://bugzilla.suse.com/1223675"
},
{
"category": "self",
"summary": "SUSE Bug 1224095",
"url": "https://bugzilla.suse.com/1224095"
},
{
"category": "self",
"summary": "SUSE Bug 1224597",
"url": "https://bugzilla.suse.com/1224597"
},
{
"category": "self",
"summary": "SUSE Bug 1225468",
"url": "https://bugzilla.suse.com/1225468"
},
{
"category": "self",
"summary": "SUSE Bug 1225820",
"url": "https://bugzilla.suse.com/1225820"
},
{
"category": "self",
"summary": "SUSE Bug 1226514",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "self",
"summary": "SUSE Bug 1226552",
"url": "https://bugzilla.suse.com/1226552"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1230827",
"url": "https://bugzilla.suse.com/1230827"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1234156",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "self",
"summary": "SUSE Bug 1234381",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "self",
"summary": "SUSE Bug 1234454",
"url": "https://bugzilla.suse.com/1234454"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236821",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "self",
"summary": "SUSE Bug 1236822",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "self",
"summary": "SUSE Bug 1237159",
"url": "https://bugzilla.suse.com/1237159"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1238303",
"url": "https://bugzilla.suse.com/1238303"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238570",
"url": "https://bugzilla.suse.com/1238570"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1240785",
"url": "https://bugzilla.suse.com/1240785"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE Bug 1242221",
"url": "https://bugzilla.suse.com/1242221"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242596",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "self",
"summary": "SUSE Bug 1242782",
"url": "https://bugzilla.suse.com/1242782"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1243001",
"url": "https://bugzilla.suse.com/1243001"
},
{
"category": "self",
"summary": "SUSE Bug 1243330",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243832",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "self",
"summary": "SUSE Bug 1244114",
"url": "https://bugzilla.suse.com/1244114"
},
{
"category": "self",
"summary": "SUSE Bug 1244179",
"url": "https://bugzilla.suse.com/1244179"
},
{
"category": "self",
"summary": "SUSE Bug 1244234",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "self",
"summary": "SUSE Bug 1244241",
"url": "https://bugzilla.suse.com/1244241"
},
{
"category": "self",
"summary": "SUSE Bug 1244277",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "self",
"summary": "SUSE Bug 1244309",
"url": "https://bugzilla.suse.com/1244309"
},
{
"category": "self",
"summary": "SUSE Bug 1244337",
"url": "https://bugzilla.suse.com/1244337"
},
{
"category": "self",
"summary": "SUSE Bug 1244732",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "self",
"summary": "SUSE Bug 1244764",
"url": "https://bugzilla.suse.com/1244764"
},
{
"category": "self",
"summary": "SUSE Bug 1244765",
"url": "https://bugzilla.suse.com/1244765"
},
{
"category": "self",
"summary": "SUSE Bug 1244767",
"url": "https://bugzilla.suse.com/1244767"
},
{
"category": "self",
"summary": "SUSE Bug 1244770",
"url": "https://bugzilla.suse.com/1244770"
},
{
"category": "self",
"summary": "SUSE Bug 1244771",
"url": "https://bugzilla.suse.com/1244771"
},
{
"category": "self",
"summary": "SUSE Bug 1244773",
"url": "https://bugzilla.suse.com/1244773"
},
{
"category": "self",
"summary": "SUSE Bug 1244774",
"url": "https://bugzilla.suse.com/1244774"
},
{
"category": "self",
"summary": "SUSE Bug 1244776",
"url": "https://bugzilla.suse.com/1244776"
},
{
"category": "self",
"summary": "SUSE Bug 1244779",
"url": "https://bugzilla.suse.com/1244779"
},
{
"category": "self",
"summary": "SUSE Bug 1244780",
"url": "https://bugzilla.suse.com/1244780"
},
{
"category": "self",
"summary": "SUSE Bug 1244781",
"url": "https://bugzilla.suse.com/1244781"
},
{
"category": "self",
"summary": "SUSE Bug 1244782",
"url": "https://bugzilla.suse.com/1244782"
},
{
"category": "self",
"summary": "SUSE Bug 1244783",
"url": "https://bugzilla.suse.com/1244783"
},
{
"category": "self",
"summary": "SUSE Bug 1244784",
"url": "https://bugzilla.suse.com/1244784"
},
{
"category": "self",
"summary": "SUSE Bug 1244786",
"url": "https://bugzilla.suse.com/1244786"
},
{
"category": "self",
"summary": "SUSE Bug 1244787",
"url": "https://bugzilla.suse.com/1244787"
},
{
"category": "self",
"summary": "SUSE Bug 1244788",
"url": "https://bugzilla.suse.com/1244788"
},
{
"category": "self",
"summary": "SUSE Bug 1244790",
"url": "https://bugzilla.suse.com/1244790"
},
{
"category": "self",
"summary": "SUSE Bug 1244793",
"url": "https://bugzilla.suse.com/1244793"
},
{
"category": "self",
"summary": "SUSE Bug 1244794",
"url": "https://bugzilla.suse.com/1244794"
},
{
"category": "self",
"summary": "SUSE Bug 1244796",
"url": "https://bugzilla.suse.com/1244796"
},
{
"category": "self",
"summary": "SUSE Bug 1244797",
"url": "https://bugzilla.suse.com/1244797"
},
{
"category": "self",
"summary": "SUSE Bug 1244798",
"url": "https://bugzilla.suse.com/1244798"
},
{
"category": "self",
"summary": "SUSE Bug 1244800",
"url": "https://bugzilla.suse.com/1244800"
},
{
"category": "self",
"summary": "SUSE Bug 1244802",
"url": "https://bugzilla.suse.com/1244802"
},
{
"category": "self",
"summary": "SUSE Bug 1244804",
"url": "https://bugzilla.suse.com/1244804"
},
{
"category": "self",
"summary": "SUSE Bug 1244807",
"url": "https://bugzilla.suse.com/1244807"
},
{
"category": "self",
"summary": "SUSE Bug 1244808",
"url": "https://bugzilla.suse.com/1244808"
},
{
"category": "self",
"summary": "SUSE Bug 1244811",
"url": "https://bugzilla.suse.com/1244811"
},
{
"category": "self",
"summary": "SUSE Bug 1244813",
"url": "https://bugzilla.suse.com/1244813"
},
{
"category": "self",
"summary": "SUSE Bug 1244814",
"url": "https://bugzilla.suse.com/1244814"
},
{
"category": "self",
"summary": "SUSE Bug 1244815",
"url": "https://bugzilla.suse.com/1244815"
},
{
"category": "self",
"summary": "SUSE Bug 1244816",
"url": "https://bugzilla.suse.com/1244816"
},
{
"category": "self",
"summary": "SUSE Bug 1244819",
"url": "https://bugzilla.suse.com/1244819"
},
{
"category": "self",
"summary": "SUSE Bug 1244820",
"url": "https://bugzilla.suse.com/1244820"
},
{
"category": "self",
"summary": "SUSE Bug 1244823",
"url": "https://bugzilla.suse.com/1244823"
},
{
"category": "self",
"summary": "SUSE Bug 1244824",
"url": "https://bugzilla.suse.com/1244824"
},
{
"category": "self",
"summary": "SUSE Bug 1244825",
"url": "https://bugzilla.suse.com/1244825"
},
{
"category": "self",
"summary": "SUSE Bug 1244830",
"url": "https://bugzilla.suse.com/1244830"
},
{
"category": "self",
"summary": "SUSE Bug 1244831",
"url": "https://bugzilla.suse.com/1244831"
},
{
"category": "self",
"summary": "SUSE Bug 1244832",
"url": "https://bugzilla.suse.com/1244832"
},
{
"category": "self",
"summary": "SUSE Bug 1244834",
"url": "https://bugzilla.suse.com/1244834"
},
{
"category": "self",
"summary": "SUSE Bug 1244836",
"url": "https://bugzilla.suse.com/1244836"
},
{
"category": "self",
"summary": "SUSE Bug 1244838",
"url": "https://bugzilla.suse.com/1244838"
},
{
"category": "self",
"summary": "SUSE Bug 1244839",
"url": "https://bugzilla.suse.com/1244839"
},
{
"category": "self",
"summary": "SUSE Bug 1244840",
"url": "https://bugzilla.suse.com/1244840"
},
{
"category": "self",
"summary": "SUSE Bug 1244841",
"url": "https://bugzilla.suse.com/1244841"
},
{
"category": "self",
"summary": "SUSE Bug 1244842",
"url": "https://bugzilla.suse.com/1244842"
},
{
"category": "self",
"summary": "SUSE Bug 1244843",
"url": "https://bugzilla.suse.com/1244843"
},
{
"category": "self",
"summary": "SUSE Bug 1244845",
"url": "https://bugzilla.suse.com/1244845"
},
{
"category": "self",
"summary": "SUSE Bug 1244846",
"url": "https://bugzilla.suse.com/1244846"
},
{
"category": "self",
"summary": "SUSE Bug 1244848",
"url": "https://bugzilla.suse.com/1244848"
},
{
"category": "self",
"summary": "SUSE Bug 1244849",
"url": "https://bugzilla.suse.com/1244849"
},
{
"category": "self",
"summary": "SUSE Bug 1244851",
"url": "https://bugzilla.suse.com/1244851"
},
{
"category": "self",
"summary": "SUSE Bug 1244853",
"url": "https://bugzilla.suse.com/1244853"
},
{
"category": "self",
"summary": "SUSE Bug 1244854",
"url": "https://bugzilla.suse.com/1244854"
},
{
"category": "self",
"summary": "SUSE Bug 1244856",
"url": "https://bugzilla.suse.com/1244856"
},
{
"category": "self",
"summary": "SUSE Bug 1244860",
"url": "https://bugzilla.suse.com/1244860"
},
{
"category": "self",
"summary": "SUSE Bug 1244861",
"url": "https://bugzilla.suse.com/1244861"
},
{
"category": "self",
"summary": "SUSE Bug 1244866",
"url": "https://bugzilla.suse.com/1244866"
},
{
"category": "self",
"summary": "SUSE Bug 1244867",
"url": "https://bugzilla.suse.com/1244867"
},
{
"category": "self",
"summary": "SUSE Bug 1244868",
"url": "https://bugzilla.suse.com/1244868"
},
{
"category": "self",
"summary": "SUSE Bug 1244869",
"url": "https://bugzilla.suse.com/1244869"
},
{
"category": "self",
"summary": "SUSE Bug 1244870",
"url": "https://bugzilla.suse.com/1244870"
},
{
"category": "self",
"summary": "SUSE Bug 1244871",
"url": "https://bugzilla.suse.com/1244871"
},
{
"category": "self",
"summary": "SUSE Bug 1244872",
"url": "https://bugzilla.suse.com/1244872"
},
{
"category": "self",
"summary": "SUSE Bug 1244873",
"url": "https://bugzilla.suse.com/1244873"
},
{
"category": "self",
"summary": "SUSE Bug 1244875",
"url": "https://bugzilla.suse.com/1244875"
},
{
"category": "self",
"summary": "SUSE Bug 1244876",
"url": "https://bugzilla.suse.com/1244876"
},
{
"category": "self",
"summary": "SUSE Bug 1244878",
"url": "https://bugzilla.suse.com/1244878"
},
{
"category": "self",
"summary": "SUSE Bug 1244879",
"url": "https://bugzilla.suse.com/1244879"
},
{
"category": "self",
"summary": "SUSE Bug 1244881",
"url": "https://bugzilla.suse.com/1244881"
},
{
"category": "self",
"summary": "SUSE Bug 1244883",
"url": "https://bugzilla.suse.com/1244883"
},
{
"category": "self",
"summary": "SUSE Bug 1244884",
"url": "https://bugzilla.suse.com/1244884"
},
{
"category": "self",
"summary": "SUSE Bug 1244886",
"url": "https://bugzilla.suse.com/1244886"
},
{
"category": "self",
"summary": "SUSE Bug 1244887",
"url": "https://bugzilla.suse.com/1244887"
},
{
"category": "self",
"summary": "SUSE Bug 1244890",
"url": "https://bugzilla.suse.com/1244890"
},
{
"category": "self",
"summary": "SUSE Bug 1244895",
"url": "https://bugzilla.suse.com/1244895"
},
{
"category": "self",
"summary": "SUSE Bug 1244899",
"url": "https://bugzilla.suse.com/1244899"
},
{
"category": "self",
"summary": "SUSE Bug 1244900",
"url": "https://bugzilla.suse.com/1244900"
},
{
"category": "self",
"summary": "SUSE Bug 1244901",
"url": "https://bugzilla.suse.com/1244901"
},
{
"category": "self",
"summary": "SUSE Bug 1244902",
"url": "https://bugzilla.suse.com/1244902"
},
{
"category": "self",
"summary": "SUSE Bug 1244903",
"url": "https://bugzilla.suse.com/1244903"
},
{
"category": "self",
"summary": "SUSE Bug 1244908",
"url": "https://bugzilla.suse.com/1244908"
},
{
"category": "self",
"summary": "SUSE Bug 1244911",
"url": "https://bugzilla.suse.com/1244911"
},
{
"category": "self",
"summary": "SUSE Bug 1244915",
"url": "https://bugzilla.suse.com/1244915"
},
{
"category": "self",
"summary": "SUSE Bug 1244936",
"url": "https://bugzilla.suse.com/1244936"
},
{
"category": "self",
"summary": "SUSE Bug 1244941",
"url": "https://bugzilla.suse.com/1244941"
},
{
"category": "self",
"summary": "SUSE Bug 1244942",
"url": "https://bugzilla.suse.com/1244942"
},
{
"category": "self",
"summary": "SUSE Bug 1244943",
"url": "https://bugzilla.suse.com/1244943"
},
{
"category": "self",
"summary": "SUSE Bug 1244944",
"url": "https://bugzilla.suse.com/1244944"
},
{
"category": "self",
"summary": "SUSE Bug 1244945",
"url": "https://bugzilla.suse.com/1244945"
},
{
"category": "self",
"summary": "SUSE Bug 1244948",
"url": "https://bugzilla.suse.com/1244948"
},
{
"category": "self",
"summary": "SUSE Bug 1244949",
"url": "https://bugzilla.suse.com/1244949"
},
{
"category": "self",
"summary": "SUSE Bug 1244950",
"url": "https://bugzilla.suse.com/1244950"
},
{
"category": "self",
"summary": "SUSE Bug 1244956",
"url": "https://bugzilla.suse.com/1244956"
},
{
"category": "self",
"summary": "SUSE Bug 1244958",
"url": "https://bugzilla.suse.com/1244958"
},
{
"category": "self",
"summary": "SUSE Bug 1244959",
"url": "https://bugzilla.suse.com/1244959"
},
{
"category": "self",
"summary": "SUSE Bug 1244965",
"url": "https://bugzilla.suse.com/1244965"
},
{
"category": "self",
"summary": "SUSE Bug 1244966",
"url": "https://bugzilla.suse.com/1244966"
},
{
"category": "self",
"summary": "SUSE Bug 1244967",
"url": "https://bugzilla.suse.com/1244967"
},
{
"category": "self",
"summary": "SUSE Bug 1244968",
"url": "https://bugzilla.suse.com/1244968"
},
{
"category": "self",
"summary": "SUSE Bug 1244969",
"url": "https://bugzilla.suse.com/1244969"
},
{
"category": "self",
"summary": "SUSE Bug 1244970",
"url": "https://bugzilla.suse.com/1244970"
},
{
"category": "self",
"summary": "SUSE Bug 1244974",
"url": "https://bugzilla.suse.com/1244974"
},
{
"category": "self",
"summary": "SUSE Bug 1244976",
"url": "https://bugzilla.suse.com/1244976"
},
{
"category": "self",
"summary": "SUSE Bug 1244977",
"url": "https://bugzilla.suse.com/1244977"
},
{
"category": "self",
"summary": "SUSE Bug 1244978",
"url": "https://bugzilla.suse.com/1244978"
},
{
"category": "self",
"summary": "SUSE Bug 1244979",
"url": "https://bugzilla.suse.com/1244979"
},
{
"category": "self",
"summary": "SUSE Bug 1244983",
"url": "https://bugzilla.suse.com/1244983"
},
{
"category": "self",
"summary": "SUSE Bug 1244984",
"url": "https://bugzilla.suse.com/1244984"
},
{
"category": "self",
"summary": "SUSE Bug 1244985",
"url": "https://bugzilla.suse.com/1244985"
},
{
"category": "self",
"summary": "SUSE Bug 1244986",
"url": "https://bugzilla.suse.com/1244986"
},
{
"category": "self",
"summary": "SUSE Bug 1244991",
"url": "https://bugzilla.suse.com/1244991"
},
{
"category": "self",
"summary": "SUSE Bug 1244992",
"url": "https://bugzilla.suse.com/1244992"
},
{
"category": "self",
"summary": "SUSE Bug 1244993",
"url": "https://bugzilla.suse.com/1244993"
},
{
"category": "self",
"summary": "SUSE Bug 1245006",
"url": "https://bugzilla.suse.com/1245006"
},
{
"category": "self",
"summary": "SUSE Bug 1245007",
"url": "https://bugzilla.suse.com/1245007"
},
{
"category": "self",
"summary": "SUSE Bug 1245009",
"url": "https://bugzilla.suse.com/1245009"
},
{
"category": "self",
"summary": "SUSE Bug 1245011",
"url": "https://bugzilla.suse.com/1245011"
},
{
"category": "self",
"summary": "SUSE Bug 1245012",
"url": "https://bugzilla.suse.com/1245012"
},
{
"category": "self",
"summary": "SUSE Bug 1245018",
"url": "https://bugzilla.suse.com/1245018"
},
{
"category": "self",
"summary": "SUSE Bug 1245019",
"url": "https://bugzilla.suse.com/1245019"
},
{
"category": "self",
"summary": "SUSE Bug 1245024",
"url": "https://bugzilla.suse.com/1245024"
},
{
"category": "self",
"summary": "SUSE Bug 1245028",
"url": "https://bugzilla.suse.com/1245028"
},
{
"category": "self",
"summary": "SUSE Bug 1245031",
"url": "https://bugzilla.suse.com/1245031"
},
{
"category": "self",
"summary": "SUSE Bug 1245032",
"url": "https://bugzilla.suse.com/1245032"
},
{
"category": "self",
"summary": "SUSE Bug 1245033",
"url": "https://bugzilla.suse.com/1245033"
},
{
"category": "self",
"summary": "SUSE Bug 1245038",
"url": "https://bugzilla.suse.com/1245038"
},
{
"category": "self",
"summary": "SUSE Bug 1245039",
"url": "https://bugzilla.suse.com/1245039"
},
{
"category": "self",
"summary": "SUSE Bug 1245041",
"url": "https://bugzilla.suse.com/1245041"
},
{
"category": "self",
"summary": "SUSE Bug 1245047",
"url": "https://bugzilla.suse.com/1245047"
},
{
"category": "self",
"summary": "SUSE Bug 1245051",
"url": "https://bugzilla.suse.com/1245051"
},
{
"category": "self",
"summary": "SUSE Bug 1245057",
"url": "https://bugzilla.suse.com/1245057"
},
{
"category": "self",
"summary": "SUSE Bug 1245058",
"url": "https://bugzilla.suse.com/1245058"
},
{
"category": "self",
"summary": "SUSE Bug 1245060",
"url": "https://bugzilla.suse.com/1245060"
},
{
"category": "self",
"summary": "SUSE Bug 1245062",
"url": "https://bugzilla.suse.com/1245062"
},
{
"category": "self",
"summary": "SUSE Bug 1245064",
"url": "https://bugzilla.suse.com/1245064"
},
{
"category": "self",
"summary": "SUSE Bug 1245069",
"url": "https://bugzilla.suse.com/1245069"
},
{
"category": "self",
"summary": "SUSE Bug 1245072",
"url": "https://bugzilla.suse.com/1245072"
},
{
"category": "self",
"summary": "SUSE Bug 1245073",
"url": "https://bugzilla.suse.com/1245073"
},
{
"category": "self",
"summary": "SUSE Bug 1245088",
"url": "https://bugzilla.suse.com/1245088"
},
{
"category": "self",
"summary": "SUSE Bug 1245089",
"url": "https://bugzilla.suse.com/1245089"
},
{
"category": "self",
"summary": "SUSE Bug 1245092",
"url": "https://bugzilla.suse.com/1245092"
},
{
"category": "self",
"summary": "SUSE Bug 1245093",
"url": "https://bugzilla.suse.com/1245093"
},
{
"category": "self",
"summary": "SUSE Bug 1245098",
"url": "https://bugzilla.suse.com/1245098"
},
{
"category": "self",
"summary": "SUSE Bug 1245103",
"url": "https://bugzilla.suse.com/1245103"
},
{
"category": "self",
"summary": "SUSE Bug 1245117",
"url": "https://bugzilla.suse.com/1245117"
},
{
"category": "self",
"summary": "SUSE Bug 1245118",
"url": "https://bugzilla.suse.com/1245118"
},
{
"category": "self",
"summary": "SUSE Bug 1245119",
"url": "https://bugzilla.suse.com/1245119"
},
{
"category": "self",
"summary": "SUSE Bug 1245121",
"url": "https://bugzilla.suse.com/1245121"
},
{
"category": "self",
"summary": "SUSE Bug 1245122",
"url": "https://bugzilla.suse.com/1245122"
},
{
"category": "self",
"summary": "SUSE Bug 1245125",
"url": "https://bugzilla.suse.com/1245125"
},
{
"category": "self",
"summary": "SUSE Bug 1245129",
"url": "https://bugzilla.suse.com/1245129"
},
{
"category": "self",
"summary": "SUSE Bug 1245131",
"url": "https://bugzilla.suse.com/1245131"
},
{
"category": "self",
"summary": "SUSE Bug 1245133",
"url": "https://bugzilla.suse.com/1245133"
},
{
"category": "self",
"summary": "SUSE Bug 1245134",
"url": "https://bugzilla.suse.com/1245134"
},
{
"category": "self",
"summary": "SUSE Bug 1245135",
"url": "https://bugzilla.suse.com/1245135"
},
{
"category": "self",
"summary": "SUSE Bug 1245136",
"url": "https://bugzilla.suse.com/1245136"
},
{
"category": "self",
"summary": "SUSE Bug 1245138",
"url": "https://bugzilla.suse.com/1245138"
},
{
"category": "self",
"summary": "SUSE Bug 1245139",
"url": "https://bugzilla.suse.com/1245139"
},
{
"category": "self",
"summary": "SUSE Bug 1245140",
"url": "https://bugzilla.suse.com/1245140"
},
{
"category": "self",
"summary": "SUSE Bug 1245142",
"url": "https://bugzilla.suse.com/1245142"
},
{
"category": "self",
"summary": "SUSE Bug 1245146",
"url": "https://bugzilla.suse.com/1245146"
},
{
"category": "self",
"summary": "SUSE Bug 1245147",
"url": "https://bugzilla.suse.com/1245147"
},
{
"category": "self",
"summary": "SUSE Bug 1245149",
"url": "https://bugzilla.suse.com/1245149"
},
{
"category": "self",
"summary": "SUSE Bug 1245152",
"url": "https://bugzilla.suse.com/1245152"
},
{
"category": "self",
"summary": "SUSE Bug 1245154",
"url": "https://bugzilla.suse.com/1245154"
},
{
"category": "self",
"summary": "SUSE Bug 1245180",
"url": "https://bugzilla.suse.com/1245180"
},
{
"category": "self",
"summary": "SUSE Bug 1245183",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "self",
"summary": "SUSE Bug 1245189",
"url": "https://bugzilla.suse.com/1245189"
},
{
"category": "self",
"summary": "SUSE Bug 1245191",
"url": "https://bugzilla.suse.com/1245191"
},
{
"category": "self",
"summary": "SUSE Bug 1245195",
"url": "https://bugzilla.suse.com/1245195"
},
{
"category": "self",
"summary": "SUSE Bug 1245197",
"url": "https://bugzilla.suse.com/1245197"
},
{
"category": "self",
"summary": "SUSE Bug 1245265",
"url": "https://bugzilla.suse.com/1245265"
},
{
"category": "self",
"summary": "SUSE Bug 1245348",
"url": "https://bugzilla.suse.com/1245348"
},
{
"category": "self",
"summary": "SUSE Bug 1245431",
"url": "https://bugzilla.suse.com/1245431"
},
{
"category": "self",
"summary": "SUSE Bug 1245455",
"url": "https://bugzilla.suse.com/1245455"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47557 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47595 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-1679 page",
"url": "https://www.suse.com/security/cve/CVE-2022-1679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2585 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2586 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-2905 page",
"url": "https://www.suse.com/security/cve/CVE-2022-2905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3903 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4095 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-4662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-4662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49934 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49936 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49937 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49938 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49942 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49946 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49948 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49952 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49954 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49957 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49958 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49960 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49964 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49966 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49968 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49969 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49977 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49978 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49981 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49982 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49983 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49984 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49985 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49986 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49987 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49989 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49990 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49993 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49995 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49999 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50005 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50006 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50008 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50010 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50011 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50012 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50019 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50020 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50021 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50022 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50023 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50024 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50026 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50027 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50028 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50029 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50030 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50031 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50032 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50033 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50034 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50039 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50040 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50045 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50046 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50047 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50051 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50053 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50055 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50059 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50060 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50061 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50062 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50065 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50066 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50067 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50068 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50072 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50074 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50076 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50077 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50079 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50083 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50084 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50085 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50087 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50092 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50092/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50093 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50094 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50095 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50097 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50098 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50099 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50100 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50101 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50102 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50103 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50104 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50108 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50109 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50110 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50111 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50112 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50116 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50118 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50120 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50121 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50124 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50125 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50127 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50127/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50131 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50132 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50132/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50134 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50136 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50137 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50138 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50139 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50141 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50142 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50143 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50143/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50145 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50146 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50149 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50151 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50151/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50153 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50154 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50155 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50156 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50157 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50158 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50160 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50161 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50162 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50164 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50165 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50171 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50172 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50173 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50175 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50176 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50178 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50179 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50181 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50185 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50187 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50190 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50191 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50192 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50194 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50196 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50197 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50198 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50199 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50200 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50201 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50202 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50202/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50203 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50204 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50206 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50207 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50208 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50209 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50211 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50212 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50213 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50215 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50218 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50220 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50222 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50222/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50226 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50228 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50229 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50231 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3111 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52924 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52925 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53048 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53076 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53097 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26808 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27397 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23141 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-07-15T14:31:46Z",
"generator": {
"date": "2025-07-15T14:31:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02322-1",
"initial_release_date": "2025-07-15T14:31:46Z",
"revision_history": [
{
"date": "2025-07-15T14:31:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.14.21-150400.15.124.1.noarch",
"product": {
"name": "kernel-devel-rt-5.14.21-150400.15.124.1.noarch",
"product_id": "kernel-devel-rt-5.14.21-150400.15.124.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"product": {
"name": "kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"product_id": "kernel-source-rt-5.14.21-150400.15.124.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product_id": "dlm-kmp-rt-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product_id": "gfs2-kmp-rt-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kernel-rt-5.14.21-150400.15.124.1.x86_64",
"product_id": "kernel-rt-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.14.21-150400.15.124.1.x86_64",
"product_id": "kernel-rt-devel-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.14.21-150400.15.124.1.x86_64",
"product_id": "kernel-rt-extra-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-5.14.21-150400.15.124.1.x86_64",
"product_id": "kernel-rt-livepatch-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.14.21-150400.15.124.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.14.21-150400.15.124.1.x86_64",
"product_id": "kernel-rt-optional-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.14.21-150400.15.124.1.x86_64",
"product_id": "kernel-rt_debug-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.14.21-150400.15.124.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product_id": "kselftests-kmp-rt-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.14.21-150400.15.124.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.14.21-150400.15.124.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.14.21-150400.15.124.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150400.15.124.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150400.15.124.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150400.15.124.1.noarch as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150400.15.124.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150400.15.124.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150400.15.124.1.noarch as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47557"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_ets: don\u0027t peek at classes beyond \u0027nbands\u0027\n\nwhen the number of DRR classes decreases, the round-robin active list can\ncontain elements that have already been freed in ets_qdisc_change(). As a\nconsequence, it\u0027s possible to see a NULL dereference crash, caused by the\nattempt to call cl-\u003eqdisc-\u003eops-\u003epeek(cl-\u003eqdisc) when cl-\u003eqdisc is NULL:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 910 Comm: mausezahn Not tainted 5.16.0-rc1+ #475\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n RIP: 0010:ets_qdisc_dequeue+0x129/0x2c0 [sch_ets]\n Code: c5 01 41 39 ad e4 02 00 00 0f 87 18 ff ff ff 49 8b 85 c0 02 00 00 49 39 c4 0f 84 ba 00 00 00 49 8b ad c0 02 00 00 48 8b 7d 10 \u003c48\u003e 8b 47 18 48 8b 40 38 0f ae e8 ff d0 48 89 c3 48 85 c0 0f 84 9d\n RSP: 0000:ffffbb36c0b5fdd8 EFLAGS: 00010287\n RAX: ffff956678efed30 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: ffffffff9b938dc9 RDI: 0000000000000000\n RBP: ffff956678efed30 R08: e2f3207fe360129c R09: 0000000000000000\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff956678efeac0\n R13: ffff956678efe800 R14: ffff956611545000 R15: ffff95667ac8f100\n FS: 00007f2aa9120740(0000) GS:ffff95667b800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000018 CR3: 000000011070c000 CR4: 0000000000350ee0\n Call Trace:\n \u003cTASK\u003e\n qdisc_peek_dequeued+0x29/0x70 [sch_ets]\n tbf_dequeue+0x22/0x260 [sch_tbf]\n __qdisc_run+0x7f/0x630\n net_tx_action+0x290/0x4c0\n __do_softirq+0xee/0x4f8\n irq_exit_rcu+0xf4/0x130\n sysvec_apic_timer_interrupt+0x52/0xc0\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n RIP: 0033:0x7f2aa7fc9ad4\n Code: b9 ff ff 48 8b 54 24 18 48 83 c4 08 48 89 ee 48 89 df 5b 5d e9 ed fc ff ff 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa \u003c53\u003e 48 83 ec 10 48 8b 05 10 64 33 00 48 8b 00 48 85 c0 0f 85 84 00\n RSP: 002b:00007ffe5d33fab8 EFLAGS: 00000202\n RAX: 0000000000000002 RBX: 0000561f72c31460 RCX: 0000561f72c31720\n RDX: 0000000000000002 RSI: 0000561f72c31722 RDI: 0000561f72c31720\n RBP: 000000000000002a R08: 00007ffe5d33fa40 R09: 0000000000000014\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000561f7187e380\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000561f72c31460\n \u003c/TASK\u003e\n Modules linked in: sch_ets sch_tbf dummy rfkill iTCO_wdt intel_rapl_msr iTCO_vendor_support intel_rapl_common joydev virtio_balloon lpc_ich i2c_i801 i2c_smbus pcspkr ip_tables xfs libcrc32c crct10dif_pclmul crc32_pclmul crc32c_intel ahci libahci ghash_clmulni_intel serio_raw libata virtio_blk virtio_console virtio_net net_failover failover sunrpc dm_mirror dm_region_hash dm_log dm_mod\n CR2: 0000000000000018\n\nEnsuring that \u0027alist\u0027 was never zeroed [1] was not sufficient, we need to\nremove from the active list those elements that are no more SP nor DRR.\n\n[1] https://lore.kernel.org/netdev/60d274838bf09777f0371253416e8af71360bc08.1633609148.git.dcaratti@redhat.com/\n\nv3: fix race between ets_qdisc_change() and ets_qdisc_dequeue() delisting\n DRR classes beyond \u0027nbands\u0027 in ets_qdisc_change() with the qdisc lock\n acquired, thanks to Cong Wang.\n\nv2: when a NULL qdisc is found in the DRR active list, try to dequeue skb\n from the next list item.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47557",
"url": "https://www.suse.com/security/cve/CVE-2021-47557"
},
{
"category": "external",
"summary": "SUSE Bug 1225468 for CVE-2021-47557",
"url": "https://bugzilla.suse.com/1225468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2021-47557"
},
{
"cve": "CVE-2021-47595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_ets: don\u0027t remove idle classes from the round-robin list\n\nShuang reported that the following script:\n\n 1) tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7\n 2) mausezahn ddd0 -A 10.10.10.1 -B 10.10.10.2 -c 0 -a own -b 00:c1:a0:c1:a0:00 -t udp \u0026\n 3) tc qdisc change dev ddd0 handle 10: ets bands 4 strict 2 quanta 2500 2500 priomap 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3\n\ncrashes systematically when line 2) is commented:\n\n list_del corruption, ffff8e028404bd30-\u003enext is LIST_POISON1 (dead000000000100)\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:47!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 954 Comm: tc Not tainted 5.16.0-rc4+ #478\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n RIP: 0010:__list_del_entry_valid.cold.1+0x12/0x47\n Code: fe ff 0f 0b 48 89 c1 4c 89 c6 48 c7 c7 08 42 1b 87 e8 1d c5 fe ff 0f 0b 48 89 fe 48 89 c2 48 c7 c7 98 42 1b 87 e8 09 c5 fe ff \u003c0f\u003e 0b 48 c7 c7 48 43 1b 87 e8 fb c4 fe ff 0f 0b 48 89 f2 48 89 fe\n RSP: 0018:ffffae46807a3888 EFLAGS: 00010246\n RAX: 000000000000004e RBX: 0000000000000007 RCX: 0000000000000202\n RDX: 0000000000000000 RSI: ffffffff871ac536 RDI: 00000000ffffffff\n RBP: ffffae46807a3a10 R08: 0000000000000000 R09: c0000000ffff7fff\n R10: 0000000000000001 R11: ffffae46807a36a8 R12: ffff8e028404b800\n R13: ffff8e028404bd30 R14: dead000000000100 R15: ffff8e02fafa2400\n FS: 00007efdc92e4480(0000) GS:ffff8e02fb600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000682f48 CR3: 00000001058be000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n ets_qdisc_change+0x58b/0xa70 [sch_ets]\n tc_modify_qdisc+0x323/0x880\n rtnetlink_rcv_msg+0x169/0x4a0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x1a5/0x280\n netlink_sendmsg+0x257/0x4d0\n sock_sendmsg+0x5b/0x60\n ____sys_sendmsg+0x1f2/0x260\n ___sys_sendmsg+0x7c/0xc0\n __sys_sendmsg+0x57/0xa0\n do_syscall_64+0x3a/0x80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7efdc8031338\n Code: 89 02 48 c7 c0 ff ff ff ff eb b5 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 8d 05 25 43 2c 00 8b 00 85 c0 75 17 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 58 c3 0f 1f 80 00 00 00 00 41 54 41 89 d4 55\n RSP: 002b:00007ffdf1ce9828 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000061b37a97 RCX: 00007efdc8031338\n RDX: 0000000000000000 RSI: 00007ffdf1ce9890 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000001 R09: 000000000078a940\n R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001\n R13: 0000000000688880 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n Modules linked in: sch_ets sch_tbf dummy rfkill iTCO_wdt iTCO_vendor_support intel_rapl_msr intel_rapl_common joydev pcspkr i2c_i801 virtio_balloon i2c_smbus lpc_ich ip_tables xfs libcrc32c crct10dif_pclmul crc32_pclmul crc32c_intel serio_raw ghash_clmulni_intel ahci libahci libata virtio_blk virtio_console virtio_net net_failover failover sunrpc dm_mirror dm_region_hash dm_log dm_mod [last unloaded: sch_ets]\n ---[ end trace f35878d1912655c2 ]---\n RIP: 0010:__list_del_entry_valid.cold.1+0x12/0x47\n Code: fe ff 0f 0b 48 89 c1 4c 89 c6 48 c7 c7 08 42 1b 87 e8 1d c5 fe ff 0f 0b 48 89 fe 48 89 c2 48 c7 c7 98 42 1b 87 e8 09 c5 fe ff \u003c0f\u003e 0b 48 c7 c7 48 43 1b 87 e8 fb c4 fe ff 0f 0b 48 89 f2 48 89 fe\n RSP: 0018:ffffae46807a3888 EFLAGS: 00010246\n RAX: 000000000000004e RBX: 0000000000000007 RCX: 0000000000000202\n RDX: 0000000000000000 RSI: ffffffff871ac536 RDI: 00000000ffffffff\n RBP: ffffae46807a3a10 R08: 0000000000000000 R09: c0000000ffff7fff\n R10: 0000000000000001 R11: ffffae46807a36a8 R12: ffff8e028404b800\n R13: ffff8e028404bd30 R14: dead000000000100 R15: ffff8e02fafa2400\n FS: 00007efdc92e4480(0000) GS:ffff8e02fb600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47595",
"url": "https://www.suse.com/security/cve/CVE-2021-47595"
},
{
"category": "external",
"summary": "SUSE Bug 1226552 for CVE-2021-47595",
"url": "https://bugzilla.suse.com/1226552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2021-47595"
},
{
"cve": "CVE-2022-1679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-1679"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux kernel\u0027s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-1679",
"url": "https://www.suse.com/security/cve/CVE-2022-1679"
},
{
"category": "external",
"summary": "SUSE Bug 1199487 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1199487"
},
{
"category": "external",
"summary": "SUSE Bug 1201080 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1201080"
},
{
"category": "external",
"summary": "SUSE Bug 1201832 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1201832"
},
{
"category": "external",
"summary": "SUSE Bug 1204132 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1204132"
},
{
"category": "external",
"summary": "SUSE Bug 1212316 for CVE-2022-1679",
"url": "https://bugzilla.suse.com/1212316"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-1679"
},
{
"cve": "CVE-2022-2585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2585"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that when exec\u0027ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2585",
"url": "https://www.suse.com/security/cve/CVE-2022-2585"
},
{
"category": "external",
"summary": "SUSE Bug 1202094 for CVE-2022-2585",
"url": "https://bugzilla.suse.com/1202094"
},
{
"category": "external",
"summary": "SUSE Bug 1202163 for CVE-2022-2585",
"url": "https://bugzilla.suse.com/1202163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2022-2585"
},
{
"cve": "CVE-2022-2586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2586"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2586",
"url": "https://www.suse.com/security/cve/CVE-2022-2586"
},
{
"category": "external",
"summary": "SUSE Bug 1202095 for CVE-2022-2586",
"url": "https://bugzilla.suse.com/1202095"
},
{
"category": "external",
"summary": "SUSE Bug 1209719 for CVE-2022-2586",
"url": "https://bugzilla.suse.com/1209719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-2586"
},
{
"cve": "CVE-2022-2905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-2905"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory read flaw was found in the Linux kernel\u0027s BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-2905",
"url": "https://www.suse.com/security/cve/CVE-2022-2905"
},
{
"category": "external",
"summary": "SUSE Bug 1202860 for CVE-2022-2905",
"url": "https://bugzilla.suse.com/1202860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-2905"
},
{
"cve": "CVE-2022-3903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3903"
}
],
"notes": [
{
"category": "general",
"text": "An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3903",
"url": "https://www.suse.com/security/cve/CVE-2022-3903"
},
{
"category": "external",
"summary": "SUSE Bug 1205220 for CVE-2022-3903",
"url": "https://bugzilla.suse.com/1205220"
},
{
"category": "external",
"summary": "SUSE Bug 1212297 for CVE-2022-3903",
"url": "https://bugzilla.suse.com/1212297"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-3903"
},
{
"cve": "CVE-2022-4095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4095"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c, allowing an attacker to launch a local denial of service attack and gain escalation of privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4095",
"url": "https://www.suse.com/security/cve/CVE-2022-4095"
},
{
"category": "external",
"summary": "SUSE Bug 1205514 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1205514"
},
{
"category": "external",
"summary": "SUSE Bug 1205594 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1205594"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1212319 for CVE-2022-4095",
"url": "https://bugzilla.suse.com/1212319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2022-4095"
},
{
"cve": "CVE-2022-4662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-4662"
}
],
"notes": [
{
"category": "general",
"text": "A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-4662",
"url": "https://www.suse.com/security/cve/CVE-2022-4662"
},
{
"category": "external",
"summary": "SUSE Bug 1206664 for CVE-2022-4662",
"url": "https://bugzilla.suse.com/1206664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-4662"
},
{
"cve": "CVE-2022-49934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Fix UAF in ieee80211_scan_rx()\n\nieee80211_scan_rx() tries to access scan_req-\u003eflags after a\nnull check, but a UAF is observed when the scan is completed\nand __ieee80211_scan_completed() executes, which then calls\ncfg80211_scan_done() leading to the freeing of scan_req.\n\nSince scan_req is rcu_dereference()\u0027d, prevent the racing in\n__ieee80211_scan_completed() by ensuring that from mac80211\u0027s\nPOV it is no longer accessed from an RCU read critical section\nbefore we call cfg80211_scan_done().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49934",
"url": "https://www.suse.com/security/cve/CVE-2022-49934"
},
{
"category": "external",
"summary": "SUSE Bug 1245051 for CVE-2022-49934",
"url": "https://bugzilla.suse.com/1245051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49934"
},
{
"cve": "CVE-2022-49936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Prevent nested device-reset calls\n\nAutomatic kernel fuzzing revealed a recursive locking violation in\nusb-storage:\n\n============================================\nWARNING: possible recursive locking detected\n5.18.0 #3 Not tainted\n--------------------------------------------\nkworker/1:3/1205 is trying to acquire lock:\nffff888018638db8 (\u0026us_interface_key[i]){+.+.}-{3:3}, at:\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\n\nbut task is already holding lock:\nffff888018638db8 (\u0026us_interface_key[i]){+.+.}-{3:3}, at:\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\n\n...\n\nstack backtrace:\nCPU: 1 PID: 1205 Comm: kworker/1:3 Not tainted 5.18.0 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_deadlock_bug kernel/locking/lockdep.c:2988 [inline]\ncheck_deadlock kernel/locking/lockdep.c:3031 [inline]\nvalidate_chain kernel/locking/lockdep.c:3816 [inline]\n__lock_acquire.cold+0x152/0x3ca kernel/locking/lockdep.c:5053\nlock_acquire kernel/locking/lockdep.c:5665 [inline]\nlock_acquire+0x1ab/0x520 kernel/locking/lockdep.c:5630\n__mutex_lock_common kernel/locking/mutex.c:603 [inline]\n__mutex_lock+0x14f/0x1610 kernel/locking/mutex.c:747\nusb_stor_pre_reset+0x35/0x40 drivers/usb/storage/usb.c:230\nusb_reset_device+0x37d/0x9a0 drivers/usb/core/hub.c:6109\nr871xu_dev_remove+0x21a/0x270 drivers/staging/rtl8712/usb_intf.c:622\nusb_unbind_interface+0x1bd/0x890 drivers/usb/core/driver.c:458\ndevice_remove drivers/base/dd.c:545 [inline]\ndevice_remove+0x11f/0x170 drivers/base/dd.c:537\n__device_release_driver drivers/base/dd.c:1222 [inline]\ndevice_release_driver_internal+0x1a7/0x2f0 drivers/base/dd.c:1248\nusb_driver_release_interface+0x102/0x180 drivers/usb/core/driver.c:627\nusb_forced_unbind_intf+0x4d/0xa0 drivers/usb/core/driver.c:1118\nusb_reset_device+0x39b/0x9a0 drivers/usb/core/hub.c:6114\n\nThis turned out not to be an error in usb-storage but rather a nested\ndevice reset attempt. That is, as the rtl8712 driver was being\nunbound from a composite device in preparation for an unrelated USB\nreset (that driver does not have pre_reset or post_reset callbacks),\nits -\u003eremove routine called usb_reset_device() -- thus nesting one\nreset call within another.\n\nPerforming a reset as part of disconnect processing is a questionable\npractice at best. However, the bug report points out that the USB\ncore does not have any protection against nested resets. Adding a\nreset_in_progress flag and testing it will prevent such errors in the\nfuture.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49936",
"url": "https://www.suse.com/security/cve/CVE-2022-49936"
},
{
"category": "external",
"summary": "SUSE Bug 1244984 for CVE-2022-49936",
"url": "https://bugzilla.suse.com/1244984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49936"
},
{
"cve": "CVE-2022-49937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mceusb: Use new usb_control_msg_*() routines\n\nAutomatic kernel fuzzing led to a WARN about invalid pipe direction in\nthe mceusb driver:\n\n------------[ cut here ]------------\nusb 6-1: BOGUS control dir, pipe 80000380 doesn\u0027t match bRequestType 40\nWARNING: CPU: 0 PID: 2465 at drivers/usb/core/urb.c:410\nusb_submit_urb+0x1326/0x1820 drivers/usb/core/urb.c:410\nModules linked in:\nCPU: 0 PID: 2465 Comm: kworker/0:2 Not tainted 5.19.0-rc4-00208-g69cb6c6556ad #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_submit_urb+0x1326/0x1820 drivers/usb/core/urb.c:410\nCode: 7c 24 40 e8 ac 23 91 fd 48 8b 7c 24 40 e8 b2 70 1b ff 45 89 e8\n44 89 f1 4c 89 e2 48 89 c6 48 c7 c7 a0 30 a9 86 e8 48 07 11 02 \u003c0f\u003e 0b\ne9 1c f0 ff ff e8 7e 23 91 fd 0f b6 1d 63 22 83 05 31 ff 41\nRSP: 0018:ffffc900032becf0 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff8881100f3058 RCX: 0000000000000000\nRDX: ffffc90004961000 RSI: ffff888114c6d580 RDI: fffff52000657d90\nRBP: ffff888105ad90f0 R08: ffffffff812c3638 R09: 0000000000000000\nR10: 0000000000000005 R11: ffffed1023504ef1 R12: ffff888105ad9000\nR13: 0000000000000040 R14: 0000000080000380 R15: ffff88810ba96500\nFS: 0000000000000000(0000) GS:ffff88811a800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffe810bda58 CR3: 000000010b720000 CR4: 0000000000350ef0\nCall Trace:\n\u003cTASK\u003e\nusb_start_wait_urb+0x101/0x4c0 drivers/usb/core/message.c:58\nusb_internal_control_msg drivers/usb/core/message.c:102 [inline]\nusb_control_msg+0x31c/0x4a0 drivers/usb/core/message.c:153\nmceusb_gen1_init drivers/media/rc/mceusb.c:1431 [inline]\nmceusb_dev_probe+0x258e/0x33f0 drivers/media/rc/mceusb.c:1807\n\nThe reason for the warning is clear enough; the driver sends an\nunusual read request on endpoint 0 but does not set the USB_DIR_IN bit\nin the bRequestType field.\n\nMore importantly, the whole situation can be avoided and the driver\nsimplified by converting it over to the relatively new\nusb_control_msg_recv() and usb_control_msg_send() routines. That\u0027s\nwhat this fix does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49937",
"url": "https://www.suse.com/security/cve/CVE-2022-49937"
},
{
"category": "external",
"summary": "SUSE Bug 1245057 for CVE-2022-49937",
"url": "https://bugzilla.suse.com/1245057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49937"
},
{
"cve": "CVE-2022-49938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix small mempool leak in SMB2_negotiate()\n\nIn some cases of failure (dialect mismatches) in SMB2_negotiate(), after\nthe request is sent, the checks would return -EIO when they should be\nrather setting rc = -EIO and jumping to neg_exit to free the response\nbuffer from mempool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49938",
"url": "https://www.suse.com/security/cve/CVE-2022-49938"
},
{
"category": "external",
"summary": "SUSE Bug 1244820 for CVE-2022-49938",
"url": "https://bugzilla.suse.com/1244820"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "low"
}
],
"title": "CVE-2022-49938"
},
{
"cve": "CVE-2022-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: add sanity check for gsm-\u003ereceive in gsm_receive_buf()\n\nA null pointer dereference can happen when attempting to access the\n\"gsm-\u003ereceive()\" function in gsmld_receive_buf(). Currently, the code\nassumes that gsm-\u003erecieve is only called after MUX activation.\nSince the gsmld_receive_buf() function can be accessed without the need to\ninitialize the MUX, the gsm-\u003ereceive() function will not be set and a\nNULL pointer dereference will occur.\n\nFix this by avoiding the call to \"gsm-\u003ereceive()\" in case the function is\nnot initialized by adding a sanity check.\n\nCall Trace:\n \u003cTASK\u003e\n gsmld_receive_buf+0x1c2/0x2f0 drivers/tty/n_gsm.c:2861\n tiocsti drivers/tty/tty_io.c:2293 [inline]\n tty_ioctl+0xa75/0x15d0 drivers/tty/tty_io.c:2692\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49940",
"url": "https://www.suse.com/security/cve/CVE-2022-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1244866 for CVE-2022-49940",
"url": "https://bugzilla.suse.com/1244866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49940"
},
{
"cve": "CVE-2022-49942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49942"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: Don\u0027t finalize CSA in IBSS mode if state is disconnected\n\nWhen we are not connected to a channel, sending channel \"switch\"\nannouncement doesn\u0027t make any sense.\n\nThe BSS list is empty in that case. This causes the for loop in\ncfg80211_get_bss() to be bypassed, so the function returns NULL\n(check line 1424 of net/wireless/scan.c), causing the WARN_ON()\nin ieee80211_ibss_csa_beacon() to get triggered (check line 500\nof net/mac80211/ibss.c), which was consequently reported on the\nsyzkaller dashboard.\n\nThus, check if we have an existing connection before generating\nthe CSA beacon in ieee80211_ibss_finish_csa().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49942",
"url": "https://www.suse.com/security/cve/CVE-2022-49942"
},
{
"category": "external",
"summary": "SUSE Bug 1244881 for CVE-2022-49942",
"url": "https://bugzilla.suse.com/1244881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49942"
},
{
"cve": "CVE-2022-49945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (gpio-fan) Fix array out of bounds access\n\nThe driver does not check if the cooling state passed to\ngpio_fan_set_cur_state() exceeds the maximum cooling state as\nstored in fan_data-\u003enum_speeds. Since the cooling state is later\nused as an array index in set_fan_speed(), an array out of bounds\naccess can occur.\nThis can be exploited by setting the state of the thermal cooling device\nto arbitrary values, causing for example a kernel oops when unavailable\nmemory is accessed this way.\n\nExample kernel oops:\n[ 807.987276] Unable to handle kernel paging request at virtual address ffffff80d0588064\n[ 807.987369] Mem abort info:\n[ 807.987398] ESR = 0x96000005\n[ 807.987428] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 807.987477] SET = 0, FnV = 0\n[ 807.987507] EA = 0, S1PTW = 0\n[ 807.987536] FSC = 0x05: level 1 translation fault\n[ 807.987570] Data abort info:\n[ 807.987763] ISV = 0, ISS = 0x00000005\n[ 807.987801] CM = 0, WnR = 0\n[ 807.987832] swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000001165000\n[ 807.987872] [ffffff80d0588064] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 807.987961] Internal error: Oops: 96000005 [#1] PREEMPT SMP\n[ 807.987992] Modules linked in: cmac algif_hash aes_arm64 algif_skcipher af_alg bnep hci_uart btbcm bluetooth ecdh_generic ecc 8021q garp stp llc snd_soc_hdmi_codec brcmfmac vc4 brcmutil cec drm_kms_helper snd_soc_core cfg80211 snd_compress bcm2835_codec(C) snd_pcm_dmaengine syscopyarea bcm2835_isp(C) bcm2835_v4l2(C) sysfillrect v4l2_mem2mem bcm2835_mmal_vchiq(C) raspberrypi_hwmon sysimgblt videobuf2_dma_contig videobuf2_vmalloc fb_sys_fops videobuf2_memops rfkill videobuf2_v4l2 videobuf2_common i2c_bcm2835 snd_bcm2835(C) videodev snd_pcm snd_timer snd mc vc_sm_cma(C) gpio_fan uio_pdrv_genirq uio drm fuse drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 807.988508] CPU: 0 PID: 1321 Comm: bash Tainted: G C 5.15.56-v8+ #1575\n[ 807.988548] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 807.988574] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 807.988608] pc : set_fan_speed.part.5+0x34/0x80 [gpio_fan]\n[ 807.988654] lr : gpio_fan_set_cur_state+0x34/0x50 [gpio_fan]\n[ 807.988691] sp : ffffffc008cf3bd0\n[ 807.988710] x29: ffffffc008cf3bd0 x28: ffffff80019edac0 x27: 0000000000000000\n[ 807.988762] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800747c920\n[ 807.988787] x23: 000000000000000a x22: ffffff800369f000 x21: 000000001999997c\n[ 807.988854] x20: ffffff800369f2e8 x19: ffffff8002ae8080 x18: 0000000000000000\n[ 807.988877] x17: 0000000000000000 x16: 0000000000000000 x15: 000000559e271b70\n[ 807.988938] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 807.988960] x11: 0000000000000000 x10: ffffffc008cf3c20 x9 : ffffffcfb60c741c\n[ 807.989018] x8 : 000000000000000a x7 : 00000000ffffffc9 x6 : 0000000000000009\n[ 807.989040] x5 : 000000000000002a x4 : 0000000000000000 x3 : ffffff800369f2e8\n[ 807.989062] x2 : 000000000000e780 x1 : 0000000000000001 x0 : ffffff80d0588060\n[ 807.989084] Call trace:\n[ 807.989091] set_fan_speed.part.5+0x34/0x80 [gpio_fan]\n[ 807.989113] gpio_fan_set_cur_state+0x34/0x50 [gpio_fan]\n[ 807.989199] cur_state_store+0x84/0xd0\n[ 807.989221] dev_attr_store+0x20/0x38\n[ 807.989262] sysfs_kf_write+0x4c/0x60\n[ 807.989282] kernfs_fop_write_iter+0x130/0x1c0\n[ 807.989298] new_sync_write+0x10c/0x190\n[ 807.989315] vfs_write+0x254/0x378\n[ 807.989362] ksys_write+0x70/0xf8\n[ 807.989379] __arm64_sys_write+0x24/0x30\n[ 807.989424] invoke_syscall+0x4c/0x110\n[ 807.989442] el0_svc_common.constprop.3+0xfc/0x120\n[ 807.989458] do_el0_svc+0x2c/0x90\n[ 807.989473] el0_svc+0x24/0x60\n[ 807.989544] el0t_64_sync_handler+0x90/0xb8\n[ 807.989558] el0t_64_sync+0x1a0/0x1a4\n[ 807.989579] Code: b9403801 f9402800 7100003f 8b35cc00 (b9400416)\n[ 807.989627] ---[ end t\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49945",
"url": "https://www.suse.com/security/cve/CVE-2022-49945"
},
{
"category": "external",
"summary": "SUSE Bug 1244908 for CVE-2022-49945",
"url": "https://bugzilla.suse.com/1244908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49945"
},
{
"cve": "CVE-2022-49946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: bcm: rpi: Prevent out-of-bounds access\n\nThe while loop in raspberrypi_discover_clocks() relies on the assumption\nthat the id of the last clock element is zero. Because this data comes\nfrom the Videocore firmware and it doesn\u0027t guarantuee such a behavior\nthis could lead to out-of-bounds access. So fix this by providing\na sentinel element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49946",
"url": "https://www.suse.com/security/cve/CVE-2022-49946"
},
{
"category": "external",
"summary": "SUSE Bug 1244944 for CVE-2022-49946",
"url": "https://bugzilla.suse.com/1244944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49946"
},
{
"cve": "CVE-2022-49948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvt: Clear selection before changing the font\n\nWhen changing the console font with ioctl(KDFONTOP) the new font size\ncan be bigger than the previous font. A previous selection may thus now\nbe outside of the new screen size and thus trigger out-of-bounds\naccesses to graphics memory if the selection is removed in\nvc_do_resize().\n\nPrevent such out-of-memory accesses by dropping the selection before the\nvarious con_font_set() console handlers are called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49948",
"url": "https://www.suse.com/security/cve/CVE-2022-49948"
},
{
"category": "external",
"summary": "SUSE Bug 1245058 for CVE-2022-49948",
"url": "https://bugzilla.suse.com/1245058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49948"
},
{
"cve": "CVE-2022-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: fix memory corruption on open\n\nThe probe session-duplication overflow check incremented the session\ncount also when there were no more available sessions so that memory\nbeyond the fixed-size slab-allocated session array could be corrupted in\nfastrpc_session_alloc() on open().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49950",
"url": "https://www.suse.com/security/cve/CVE-2022-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1244958 for CVE-2022-49950",
"url": "https://bugzilla.suse.com/1244958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49950"
},
{
"cve": "CVE-2022-49952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: fix memory corruption on probe\n\nAdd the missing sanity check on the probed-session count to avoid\ncorrupting memory beyond the fixed-size slab-allocated session array\nwhen there are more than FASTRPC_MAX_SESSIONS sessions defined in the\ndevicetree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49952",
"url": "https://www.suse.com/security/cve/CVE-2022-49952"
},
{
"category": "external",
"summary": "SUSE Bug 1244945 for CVE-2022-49952",
"url": "https://bugzilla.suse.com/1244945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49952"
},
{
"cve": "CVE-2022-49954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag\n\nsyzbot is reporting hung task at __input_unregister_device() [1], for\niforce_close() waiting at wait_event_interruptible() with dev-\u003emutex held\nis blocking input_disconnect_device() from __input_unregister_device().\n\nIt seems that the cause is simply that commit c2b27ef672992a20 (\"Input:\niforce - wait for command completion when closing the device\") forgot to\ncall wake_up() after clear_bit().\n\nFix this problem by introducing a helper that calls clear_bit() followed\nby wake_up_all().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49954",
"url": "https://www.suse.com/security/cve/CVE-2022-49954"
},
{
"category": "external",
"summary": "SUSE Bug 1244976 for CVE-2022-49954",
"url": "https://bugzilla.suse.com/1244976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49954"
},
{
"cve": "CVE-2022-49956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8712: fix use after free bugs\n\n_Read/Write_MACREG callbacks are NULL so the read/write_macreg_hdl()\nfunctions don\u0027t do anything except free the \"pcmd\" pointer. It\nresults in a use after free. Delete them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49956",
"url": "https://www.suse.com/security/cve/CVE-2022-49956"
},
{
"category": "external",
"summary": "SUSE Bug 1244969 for CVE-2022-49956",
"url": "https://bugzilla.suse.com/1244969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49956"
},
{
"cve": "CVE-2022-49957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkcm: fix strp_init() order and cleanup\n\nstrp_init() is called just a few lines above this csk-\u003esk_user_data\ncheck, it also initializes strp-\u003ework etc., therefore, it is\nunnecessary to call strp_done() to cancel the freshly initialized\nwork.\n\nAnd if sk_user_data is already used by KCM, psock-\u003estrp should not be\ntouched, particularly strp-\u003ework state, so we need to move strp_init()\nafter the csk-\u003esk_user_data check.\n\nThis also makes a lockdep warning reported by syzbot go away.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49957",
"url": "https://www.suse.com/security/cve/CVE-2022-49957"
},
{
"category": "external",
"summary": "SUSE Bug 1244966 for CVE-2022-49957",
"url": "https://bugzilla.suse.com/1244966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49957"
},
{
"cve": "CVE-2022-49958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fix netdevice reference leaks in attach_default_qdiscs()\n\nIn attach_default_qdiscs(), if a dev has multiple queues and queue 0 fails\nto attach qdisc because there is no memory in attach_one_default_qdisc().\nThen dev-\u003eqdisc will be noop_qdisc by default. But the other queues may be\nable to successfully attach to default qdisc.\n\nIn this case, the fallback to noqueue process will be triggered. If the\noriginal attached qdisc is not released and a new one is directly\nattached, this will cause netdevice reference leaks.\n\nThe following is the bug log:\n\nveth0: default qdisc (fq_codel) fail, fallback to noqueue\nunregister_netdevice: waiting for veth0 to become free. Usage count = 32\nleaked reference.\n qdisc_alloc+0x12e/0x210\n qdisc_create_dflt+0x62/0x140\n attach_one_default_qdisc.constprop.41+0x44/0x70\n dev_activate+0x128/0x290\n __dev_open+0x12a/0x190\n __dev_change_flags+0x1a2/0x1f0\n dev_change_flags+0x23/0x60\n do_setlink+0x332/0x1150\n __rtnl_newlink+0x52f/0x8e0\n rtnl_newlink+0x43/0x70\n rtnetlink_rcv_msg+0x140/0x3b0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x1bb/0x290\n netlink_sendmsg+0x37c/0x4e0\n sock_sendmsg+0x5f/0x70\n ____sys_sendmsg+0x208/0x280\n\nFix this bug by clearing any non-noop qdiscs that may have been assigned\nbefore trying to re-attach.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49958",
"url": "https://www.suse.com/security/cve/CVE-2022-49958"
},
{
"category": "external",
"summary": "SUSE Bug 1244974 for CVE-2022-49958",
"url": "https://bugzilla.suse.com/1244974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49958"
},
{
"cve": "CVE-2022-49960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: fix null pointer dereference\n\nAsus chromebook CX550 crashes during boot on v5.17-rc1 kernel.\nThe root cause is null pointer defeference of bi_next\nin tgl_get_bw_info() in drivers/gpu/drm/i915/display/intel_bw.c.\n\nBUG: kernel NULL pointer dereference, address: 000000000000002e\nPGD 0 P4D 0\nOops: 0002 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 1 Comm: swapper/0 Tainted: G U 5.17.0-rc1\nHardware name: Google Delbin/Delbin, BIOS Google_Delbin.13672.156.3 05/14/2021\nRIP: 0010:tgl_get_bw_info+0x2de/0x510\n...\n[ 2.554467] Call Trace:\n[ 2.554467] \u003cTASK\u003e\n[ 2.554467] intel_bw_init_hw+0x14a/0x434\n[ 2.554467] ? _printk+0x59/0x73\n[ 2.554467] ? _dev_err+0x77/0x91\n[ 2.554467] i915_driver_hw_probe+0x329/0x33e\n[ 2.554467] i915_driver_probe+0x4c8/0x638\n[ 2.554467] i915_pci_probe+0xf8/0x14e\n[ 2.554467] ? _raw_spin_unlock_irqrestore+0x12/0x2c\n[ 2.554467] pci_device_probe+0xaa/0x142\n[ 2.554467] really_probe+0x13f/0x2f4\n[ 2.554467] __driver_probe_device+0x9e/0xd3\n[ 2.554467] driver_probe_device+0x24/0x7c\n[ 2.554467] __driver_attach+0xba/0xcf\n[ 2.554467] ? driver_attach+0x1f/0x1f\n[ 2.554467] bus_for_each_dev+0x8c/0xc0\n[ 2.554467] bus_add_driver+0x11b/0x1f7\n[ 2.554467] driver_register+0x60/0xea\n[ 2.554467] ? mipi_dsi_bus_init+0x16/0x16\n[ 2.554467] i915_init+0x2c/0xb9\n[ 2.554467] ? mipi_dsi_bus_init+0x16/0x16\n[ 2.554467] do_one_initcall+0x12e/0x2b3\n[ 2.554467] do_initcall_level+0xd6/0xf3\n[ 2.554467] do_initcalls+0x4e/0x79\n[ 2.554467] kernel_init_freeable+0xed/0x14d\n[ 2.554467] ? rest_init+0xc1/0xc1\n[ 2.554467] kernel_init+0x1a/0x120\n[ 2.554467] ret_from_fork+0x1f/0x30\n[ 2.554467] \u003c/TASK\u003e\n...\nKernel panic - not syncing: Fatal exception\n\n(cherry picked from commit c247cd03898c4c43c3bce6d4014730403bc13032)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49960",
"url": "https://www.suse.com/security/cve/CVE-2022-49960"
},
{
"category": "external",
"summary": "SUSE Bug 1244911 for CVE-2022-49960",
"url": "https://bugzilla.suse.com/1244911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49960"
},
{
"cve": "CVE-2022-49964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level\n\nThough acpi_find_last_cache_level() always returned signed value and the\ndocument states it will return any errors caused by lack of a PPTT table,\nit never returned negative values before.\n\nCommit 0c80f9e165f8 (\"ACPI: PPTT: Leave the table mapped for the runtime usage\")\nhowever changed it by returning -ENOENT if no PPTT was found. The value\nreturned from acpi_find_last_cache_level() is then assigned to unsigned\nfw_level.\n\nIt will result in the number of cache leaves calculated incorrectly as\na huge value which will then cause the following warning from __alloc_pages\nas the order would be great than MAX_ORDER because of incorrect and huge\ncache leaves value.\n\n | WARNING: CPU: 0 PID: 1 at mm/page_alloc.c:5407 __alloc_pages+0x74/0x314\n | Modules linked in:\n | CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.19.0-10393-g7c2a8d3ac4c0 #73\n | pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n | pc : __alloc_pages+0x74/0x314\n | lr : alloc_pages+0xe8/0x318\n | Call trace:\n | __alloc_pages+0x74/0x314\n | alloc_pages+0xe8/0x318\n | kmalloc_order_trace+0x68/0x1dc\n | __kmalloc+0x240/0x338\n | detect_cache_attributes+0xe0/0x56c\n | update_siblings_masks+0x38/0x284\n | store_cpu_topology+0x78/0x84\n | smp_prepare_cpus+0x48/0x134\n | kernel_init_freeable+0xc4/0x14c\n | kernel_init+0x2c/0x1b4\n | ret_from_fork+0x10/0x20\n\nFix the same by changing fw_level to be signed integer and return the\nerror from init_cache_level() early in case of error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49964",
"url": "https://www.suse.com/security/cve/CVE-2022-49964"
},
{
"category": "external",
"summary": "SUSE Bug 1245064 for CVE-2022-49964",
"url": "https://bugzilla.suse.com/1245064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49964"
},
{
"cve": "CVE-2022-49966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: add missing -\u003efini_microcode interface for Sienna Cichlid\n\nTo avoid any potential memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49966",
"url": "https://www.suse.com/security/cve/CVE-2022-49966"
},
{
"category": "external",
"summary": "SUSE Bug 1245062 for CVE-2022-49966",
"url": "https://bugzilla.suse.com/1245062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49966"
},
{
"cve": "CVE-2022-49968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nieee802154/adf7242: defer destroy_workqueue call\n\nThere is a possible race condition (use-after-free) like below\n\n (FREE) | (USE)\n adf7242_remove | adf7242_channel\n cancel_delayed_work_sync |\n destroy_workqueue (1) | adf7242_cmd_rx\n | mod_delayed_work (2)\n |\n\nThe root cause for this race is that the upper layer (ieee802154) is\nunaware of this detaching event and the function adf7242_channel can\nbe called without any checks.\n\nTo fix this, we can add a flag write at the beginning of adf7242_remove\nand add flag check in adf7242_channel. Or we can just defer the\ndestructive operation like other commit 3e0588c291d6 (\"hamradio: defer\nax25 kfree after unregister_netdev\") which let the\nieee802154_unregister_hw() to handle the synchronization. This patch\ntakes the second option.\n\nruns\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49968",
"url": "https://www.suse.com/security/cve/CVE-2022-49968"
},
{
"category": "external",
"summary": "SUSE Bug 1244959 for CVE-2022-49968",
"url": "https://bugzilla.suse.com/1244959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49968"
},
{
"cve": "CVE-2022-49969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: clear optc underflow before turn off odm clock\n\n[Why]\nAfter ODM clock off, optc underflow bit will be kept there always and clear not work.\nWe need to clear that before clock off.\n\n[How]\nClear that if have when clock off.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49969",
"url": "https://www.suse.com/security/cve/CVE-2022-49969"
},
{
"category": "external",
"summary": "SUSE Bug 1245060 for CVE-2022-49969",
"url": "https://bugzilla.suse.com/1245060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49969"
},
{
"cve": "CVE-2022-49977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead\n\nftrace_startup does not remove ops from ftrace_ops_list when\nftrace_startup_enable fails:\n\nregister_ftrace_function\n ftrace_startup\n __register_ftrace_function\n ...\n add_ftrace_ops(\u0026ftrace_ops_list, ops)\n ...\n ...\n ftrace_startup_enable // if ftrace failed to modify, ftrace_disabled is set to 1\n ...\n return 0 // ops is in the ftrace_ops_list.\n\nWhen ftrace_disabled = 1, unregister_ftrace_function simply returns without doing anything:\nunregister_ftrace_function\n ftrace_shutdown\n if (unlikely(ftrace_disabled))\n return -ENODEV; // return here, __unregister_ftrace_function is not executed,\n // as a result, ops is still in the ftrace_ops_list\n __unregister_ftrace_function\n ...\n\nIf ops is dynamically allocated, it will be free later, in this case,\nis_ftrace_trampoline accesses NULL pointer:\n\nis_ftrace_trampoline\n ftrace_ops_trampoline\n do_for_each_ftrace_op(op, ftrace_ops_list) // OOPS! op may be NULL!\n\nSyzkaller reports as follows:\n[ 1203.506103] BUG: kernel NULL pointer dereference, address: 000000000000010b\n[ 1203.508039] #PF: supervisor read access in kernel mode\n[ 1203.508798] #PF: error_code(0x0000) - not-present page\n[ 1203.509558] PGD 800000011660b067 P4D 800000011660b067 PUD 130fb8067 PMD 0\n[ 1203.510560] Oops: 0000 [#1] SMP KASAN PTI\n[ 1203.511189] CPU: 6 PID: 29532 Comm: syz-executor.2 Tainted: G B W 5.10.0 #8\n[ 1203.512324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[ 1203.513895] RIP: 0010:is_ftrace_trampoline+0x26/0xb0\n[ 1203.514644] Code: ff eb d3 90 41 55 41 54 49 89 fc 55 53 e8 f2 00 fd ff 48 8b 1d 3b 35 5d 03 e8 e6 00 fd ff 48 8d bb 90 00 00 00 e8 2a 81 26 00 \u003c48\u003e 8b ab 90 00 00 00 48 85 ed 74 1d e8 c9 00 fd ff 48 8d bb 98 00\n[ 1203.518838] RSP: 0018:ffffc900012cf960 EFLAGS: 00010246\n[ 1203.520092] RAX: 0000000000000000 RBX: 000000000000007b RCX: ffffffff8a331866\n[ 1203.521469] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000010b\n[ 1203.522583] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8df18b07\n[ 1203.523550] R10: fffffbfff1be3160 R11: 0000000000000001 R12: 0000000000478399\n[ 1203.524596] R13: 0000000000000000 R14: ffff888145088000 R15: 0000000000000008\n[ 1203.525634] FS: 00007f429f5f4700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000\n[ 1203.526801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1203.527626] CR2: 000000000000010b CR3: 0000000170e1e001 CR4: 00000000003706e0\n[ 1203.528611] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1203.529605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nTherefore, when ftrace_startup_enable fails, we need to rollback registration\nprocess and remove ops from ftrace_ops_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49977",
"url": "https://www.suse.com/security/cve/CVE-2022-49977"
},
{
"category": "external",
"summary": "SUSE Bug 1244936 for CVE-2022-49977",
"url": "https://bugzilla.suse.com/1244936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49977"
},
{
"cve": "CVE-2022-49978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fb_pm2fb: Avoid potential divide by zero error\n\nIn `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be\ncopied from user, then go through `fb_set_var()` and\n`info-\u003efbops-\u003efb_check_var()` which could may be `pm2fb_check_var()`.\nAlong the path, `var-\u003epixclock` won\u0027t be modified. This function checks\nwhether reciprocal of `var-\u003epixclock` is too high. If `var-\u003epixclock` is\nzero, there will be a divide by zero error. So, it is necessary to check\nwhether denominator is zero to avoid crash. As this bug is found by\nSyzkaller, logs are listed below.\n\ndivide error in pm2fb_check_var\nCall Trace:\n \u003cTASK\u003e\n fb_set_var+0x367/0xeb0 drivers/video/fbdev/core/fbmem.c:1015\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49978",
"url": "https://www.suse.com/security/cve/CVE-2022-49978"
},
{
"category": "external",
"summary": "SUSE Bug 1245195 for CVE-2022-49978",
"url": "https://bugzilla.suse.com/1245195"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49978"
},
{
"cve": "CVE-2022-49981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hidraw: fix memory leak in hidraw_release()\n\nFree the buffered reports before deleting the list entry.\n\nBUG: memory leak\nunreferenced object 0xffff88810e72f180 (size 32):\n comm \"softirq\", pid 0, jiffies 4294945143 (age 16.080s)\n hex dump (first 32 bytes):\n 64 f3 c6 6a d1 88 07 04 00 00 00 00 00 00 00 00 d..j............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff814ac6c3\u003e] kmemdup+0x23/0x50 mm/util.c:128\n [\u003cffffffff8357c1d2\u003e] kmemdup include/linux/fortify-string.h:440 [inline]\n [\u003cffffffff8357c1d2\u003e] hidraw_report_event+0xa2/0x150 drivers/hid/hidraw.c:521\n [\u003cffffffff8356ddad\u003e] hid_report_raw_event+0x27d/0x740 drivers/hid/hid-core.c:1992\n [\u003cffffffff8356e41e\u003e] hid_input_report+0x1ae/0x270 drivers/hid/hid-core.c:2065\n [\u003cffffffff835f0d3f\u003e] hid_irq_in+0x1ff/0x250 drivers/hid/usbhid/hid-core.c:284\n [\u003cffffffff82d3c7f9\u003e] __usb_hcd_giveback_urb+0xf9/0x230 drivers/usb/core/hcd.c:1670\n [\u003cffffffff82d3cc26\u003e] usb_hcd_giveback_urb+0x1b6/0x1d0 drivers/usb/core/hcd.c:1747\n [\u003cffffffff82ef1e14\u003e] dummy_timer+0x8e4/0x14c0 drivers/usb/gadget/udc/dummy_hcd.c:1988\n [\u003cffffffff812f50a8\u003e] call_timer_fn+0x38/0x200 kernel/time/timer.c:1474\n [\u003cffffffff812f5586\u003e] expire_timers kernel/time/timer.c:1519 [inline]\n [\u003cffffffff812f5586\u003e] __run_timers.part.0+0x316/0x430 kernel/time/timer.c:1790\n [\u003cffffffff812f56e4\u003e] __run_timers kernel/time/timer.c:1768 [inline]\n [\u003cffffffff812f56e4\u003e] run_timer_softirq+0x44/0x90 kernel/time/timer.c:1803\n [\u003cffffffff848000e6\u003e] __do_softirq+0xe6/0x2ea kernel/softirq.c:571\n [\u003cffffffff81246db0\u003e] invoke_softirq kernel/softirq.c:445 [inline]\n [\u003cffffffff81246db0\u003e] __irq_exit_rcu kernel/softirq.c:650 [inline]\n [\u003cffffffff81246db0\u003e] irq_exit_rcu+0xc0/0x110 kernel/softirq.c:662\n [\u003cffffffff84574f02\u003e] sysvec_apic_timer_interrupt+0xa2/0xd0 arch/x86/kernel/apic/apic.c:1106\n [\u003cffffffff84600c8b\u003e] asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:649\n [\u003cffffffff8458a070\u003e] native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]\n [\u003cffffffff8458a070\u003e] arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]\n [\u003cffffffff8458a070\u003e] acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline]\n [\u003cffffffff8458a070\u003e] acpi_idle_do_entry+0xc0/0xd0 drivers/acpi/processor_idle.c:554",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49981",
"url": "https://www.suse.com/security/cve/CVE-2022-49981"
},
{
"category": "external",
"summary": "SUSE Bug 1245072 for CVE-2022-49981",
"url": "https://bugzilla.suse.com/1245072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49981"
},
{
"cve": "CVE-2022-49982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix memory leak in pvr_probe\n\nThe error handling code in pvr2_hdw_create forgets to unregister the\nv4l2 device. When pvr2_hdw_create returns back to pvr2_context_create,\nit calls pvr2_context_destroy to destroy context, but mp-\u003ehdw is NULL,\nwhich leads to that pvr2_hdw_destroy directly returns.\n\nFix this by adding v4l2_device_unregister to decrease the refcount of\nusb interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49982",
"url": "https://www.suse.com/security/cve/CVE-2022-49982"
},
{
"category": "external",
"summary": "SUSE Bug 1245069 for CVE-2022-49982",
"url": "https://bugzilla.suse.com/1245069"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49982"
},
{
"cve": "CVE-2022-49983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: Set the DMA mask for the udmabuf device (v2)\n\nIf the DMA mask is not set explicitly, the following warning occurs\nwhen the userspace tries to access the dma-buf via the CPU as\nreported by syzbot here:\n\nWARNING: CPU: 1 PID: 3595 at kernel/dma/mapping.c:188\n__dma_map_sg_attrs+0x181/0x1f0 kernel/dma/mapping.c:188\nModules linked in:\nCPU: 0 PID: 3595 Comm: syz-executor249 Not tainted\n5.17.0-rc2-syzkaller-00316-g0457e5153e0e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS\nGoogle 01/01/2011\nRIP: 0010:__dma_map_sg_attrs+0x181/0x1f0 kernel/dma/mapping.c:188\nCode: 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 71 4c 8b 3d c0\n83 b5 0d e9 db fe ff ff e8 b6 0f 13 00 0f 0b e8 af 0f 13 00 \u003c0f\u003e 0b 45\n 31 e4 e9 54 ff ff ff e8 a0 0f 13 00 49 8d 7f 50 48 b8 00\nRSP: 0018:ffffc90002a07d68 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88807e25e2c0 RSI: ffffffff81649e91 RDI: ffff88801b848408\nRBP: ffff88801b848000 R08: 0000000000000002 R09: ffff88801d86c74f\nR10: ffffffff81649d72 R11: 0000000000000001 R12: 0000000000000002\nR13: ffff88801d86c680 R14: 0000000000000001 R15: 0000000000000000\nFS: 0000555556e30300(0000) GS:ffff8880b9d00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200000cc CR3: 000000001d74a000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n dma_map_sgtable+0x70/0xf0 kernel/dma/mapping.c:264\n get_sg_table.isra.0+0xe0/0x160 drivers/dma-buf/udmabuf.c:72\n begin_cpu_udmabuf+0x130/0x1d0 drivers/dma-buf/udmabuf.c:126\n dma_buf_begin_cpu_access+0xfd/0x1d0 drivers/dma-buf/dma-buf.c:1164\n dma_buf_ioctl+0x259/0x2b0 drivers/dma-buf/dma-buf.c:363\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:874 [inline]\n __se_sys_ioctl fs/ioctl.c:860 [inline]\n __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:860\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f62fcf530f9\nCode: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89\nf7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01\nf0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffe3edab9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f62fcf530f9\nRDX: 0000000020000200 RSI: 0000000040086200 RDI: 0000000000000006\nRBP: 00007f62fcf170e0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f62fcf17170\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nv2: Dont\u0027t forget to deregister if DMA mask setup fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49983",
"url": "https://www.suse.com/security/cve/CVE-2022-49983"
},
{
"category": "external",
"summary": "SUSE Bug 1245092 for CVE-2022-49983",
"url": "https://bugzilla.suse.com/1245092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49983"
},
{
"cve": "CVE-2022-49984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report\n\nIt is possible for a malicious device to forgo submitting a Feature\nReport. The HID Steam driver presently makes no prevision for this\nand de-references the \u0027struct hid_report\u0027 pointer obtained from the\nHID devices without first checking its validity. Let\u0027s change that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49984",
"url": "https://www.suse.com/security/cve/CVE-2022-49984"
},
{
"category": "external",
"summary": "SUSE Bug 1244950 for CVE-2022-49984",
"url": "https://bugzilla.suse.com/1244950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49984"
},
{
"cve": "CVE-2022-49985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Don\u0027t use tnum_range on array range checking for poke descriptors\n\nHsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which\nis based on a customized syzkaller:\n\n BUG: KASAN: slab-out-of-bounds in bpf_int_jit_compile+0x1257/0x13f0\n Read of size 8 at addr ffff888004e90b58 by task syz-executor.0/1489\n CPU: 1 PID: 1489 Comm: syz-executor.0 Not tainted 5.19.0 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x9c/0xc9\n print_address_description.constprop.0+0x1f/0x1f0\n ? bpf_int_jit_compile+0x1257/0x13f0\n kasan_report.cold+0xeb/0x197\n ? kvmalloc_node+0x170/0x200\n ? bpf_int_jit_compile+0x1257/0x13f0\n bpf_int_jit_compile+0x1257/0x13f0\n ? arch_prepare_bpf_dispatcher+0xd0/0xd0\n ? rcu_read_lock_sched_held+0x43/0x70\n bpf_prog_select_runtime+0x3e8/0x640\n ? bpf_obj_name_cpy+0x149/0x1b0\n bpf_prog_load+0x102f/0x2220\n ? __bpf_prog_put.constprop.0+0x220/0x220\n ? find_held_lock+0x2c/0x110\n ? __might_fault+0xd6/0x180\n ? lock_downgrade+0x6e0/0x6e0\n ? lock_is_held_type+0xa6/0x120\n ? __might_fault+0x147/0x180\n __sys_bpf+0x137b/0x6070\n ? bpf_perf_link_attach+0x530/0x530\n ? new_sync_read+0x600/0x600\n ? __fget_files+0x255/0x450\n ? lock_downgrade+0x6e0/0x6e0\n ? fput+0x30/0x1a0\n ? ksys_write+0x1a8/0x260\n __x64_sys_bpf+0x7a/0xc0\n ? syscall_enter_from_user_mode+0x21/0x70\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7f917c4e2c2d\n\nThe problem here is that a range of tnum_range(0, map-\u003emax_entries - 1) has\nlimited ability to represent the concrete tight range with the tnum as the\nset of resulting states from value + mask can result in a superset of the\nactual intended range, and as such a tnum_in(range, reg-\u003evar_off) check may\nyield true when it shouldn\u0027t, for example tnum_range(0, 2) would result in\n00XX -\u003e v = 0000, m = 0011 such that the intended set of {0, 1, 2} is here\nrepresented by a less precise superset of {0, 1, 2, 3}. As the register is\nknown const scalar, really just use the concrete reg-\u003evar_off.value for the\nupper index check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49985",
"url": "https://www.suse.com/security/cve/CVE-2022-49985"
},
{
"category": "external",
"summary": "SUSE Bug 1244956 for CVE-2022-49985",
"url": "https://bugzilla.suse.com/1244956"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49985"
},
{
"cve": "CVE-2022-49986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq\n\nstorvsc_error_wq workqueue should not be marked as WQ_MEM_RECLAIM as it\ndoesn\u0027t need to make forward progress under memory pressure. Marking this\nworkqueue as WQ_MEM_RECLAIM may cause deadlock while flushing a\nnon-WQ_MEM_RECLAIM workqueue. In the current state it causes the following\nwarning:\n\n[ 14.506347] ------------[ cut here ]------------\n[ 14.506354] workqueue: WQ_MEM_RECLAIM storvsc_error_wq_0:storvsc_remove_lun is flushing !WQ_MEM_RECLAIM events_freezable_power_:disk_events_workfn\n[ 14.506360] WARNING: CPU: 0 PID: 8 at \u003c-snip-\u003ekernel/workqueue.c:2623 check_flush_dependency+0xb5/0x130\n[ 14.506390] CPU: 0 PID: 8 Comm: kworker/u4:0 Not tainted 5.4.0-1086-azure #91~18.04.1-Ubuntu\n[ 14.506391] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[ 14.506393] Workqueue: storvsc_error_wq_0 storvsc_remove_lun\n[ 14.506395] RIP: 0010:check_flush_dependency+0xb5/0x130\n\t\t\u003c-snip-\u003e\n[ 14.506408] Call Trace:\n[ 14.506412] __flush_work+0xf1/0x1c0\n[ 14.506414] __cancel_work_timer+0x12f/0x1b0\n[ 14.506417] ? kernfs_put+0xf0/0x190\n[ 14.506418] cancel_delayed_work_sync+0x13/0x20\n[ 14.506420] disk_block_events+0x78/0x80\n[ 14.506421] del_gendisk+0x3d/0x2f0\n[ 14.506423] sr_remove+0x28/0x70\n[ 14.506427] device_release_driver_internal+0xef/0x1c0\n[ 14.506428] device_release_driver+0x12/0x20\n[ 14.506429] bus_remove_device+0xe1/0x150\n[ 14.506431] device_del+0x167/0x380\n[ 14.506432] __scsi_remove_device+0x11d/0x150\n[ 14.506433] scsi_remove_device+0x26/0x40\n[ 14.506434] storvsc_remove_lun+0x40/0x60\n[ 14.506436] process_one_work+0x209/0x400\n[ 14.506437] worker_thread+0x34/0x400\n[ 14.506439] kthread+0x121/0x140\n[ 14.506440] ? process_one_work+0x400/0x400\n[ 14.506441] ? kthread_park+0x90/0x90\n[ 14.506443] ret_from_fork+0x35/0x40\n[ 14.506445] ---[ end trace 2d9633159fdc6ee7 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49986",
"url": "https://www.suse.com/security/cve/CVE-2022-49986"
},
{
"category": "external",
"summary": "SUSE Bug 1244948 for CVE-2022-49986",
"url": "https://bugzilla.suse.com/1244948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49986"
},
{
"cve": "CVE-2022-49987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: call __md_stop_writes in md_stop\n\nFrom the link [1], we can see raid1d was running even after the path\nraid_dtr -\u003e md_stop -\u003e __md_stop.\n\nLet\u0027s stop write first in destructor to align with normal md-raid to\nfix the KASAN issue.\n\n[1]. https://lore.kernel.org/linux-raid/CAPhsuW5gc4AakdGNdF8ubpezAuDLFOYUO_sfMZcec6hQFm8nhg@mail.gmail.com/T/#m7f12bf90481c02c6d2da68c64aeed4779b7df74a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49987",
"url": "https://www.suse.com/security/cve/CVE-2022-49987"
},
{
"category": "external",
"summary": "SUSE Bug 1245024 for CVE-2022-49987",
"url": "https://bugzilla.suse.com/1245024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49987"
},
{
"cve": "CVE-2022-49989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/privcmd: fix error exit of privcmd_ioctl_dm_op()\n\nThe error exit of privcmd_ioctl_dm_op() is calling unlock_pages()\npotentially with pages being NULL, leading to a NULL dereference.\n\nAdditionally lock_pages() doesn\u0027t check for pin_user_pages_fast()\nhaving been completely successful, resulting in potentially not\nlocking all pages into memory. This could result in sporadic failures\nwhen using the related memory in user mode.\n\nFix all of that by calling unlock_pages() always with the real number\nof pinned pages, which will be zero in case pages being NULL, and by\nchecking the number of pages pinned by pin_user_pages_fast() matching\nthe expected number of pages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49989",
"url": "https://www.suse.com/security/cve/CVE-2022-49989"
},
{
"category": "external",
"summary": "SUSE Bug 1245007 for CVE-2022-49989",
"url": "https://bugzilla.suse.com/1245007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49989"
},
{
"cve": "CVE-2022-49990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390: fix double free of GS and RI CBs on fork() failure\n\nThe pointers for guarded storage and runtime instrumentation control\nblocks are stored in the thread_struct of the associated task. These\npointers are initially copied on fork() via arch_dup_task_struct()\nand then cleared via copy_thread() before fork() returns. If fork()\nhappens to fail after the initial task dup and before copy_thread(),\nthe newly allocated task and associated thread_struct memory are\nfreed via free_task() -\u003e arch_release_task_struct(). This results in\na double free of the guarded storage and runtime info structs\nbecause the fields in the failed task still refer to memory\nassociated with the source task.\n\nThis problem can manifest as a BUG_ON() in set_freepointer() (with\nCONFIG_SLAB_FREELIST_HARDENED enabled) or KASAN splat (if enabled)\nwhen running trinity syscall fuzz tests on s390x. To avoid this\nproblem, clear the associated pointer fields in\narch_dup_task_struct() immediately after the new task is copied.\nNote that the RI flag is still cleared in copy_thread() because it\nresides in thread stack memory and that is where stack info is\ncopied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49990",
"url": "https://www.suse.com/security/cve/CVE-2022-49990"
},
{
"category": "external",
"summary": "SUSE Bug 1245006 for CVE-2022-49990",
"url": "https://bugzilla.suse.com/1245006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49990"
},
{
"cve": "CVE-2022-49993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: Check for overflow while configuring loop\n\nThe userspace can configure a loop using an ioctl call, wherein\na configuration of type loop_config is passed (see lo_ioctl()\u0027s\ncase on line 1550 of drivers/block/loop.c). This proceeds to call\nloop_configure() which in turn calls loop_set_status_from_info()\n(see line 1050 of loop.c), passing \u0026config-\u003einfo which is of type\nloop_info64*. This function then sets the appropriate values, like\nthe offset.\n\nloop_device has lo_offset of type loff_t (see line 52 of loop.c),\nwhich is typdef-chained to long long, whereas loop_info64 has\nlo_offset of type __u64 (see line 56 of include/uapi/linux/loop.h).\n\nThe function directly copies offset from info to the device as\nfollows (See line 980 of loop.c):\n\tlo-\u003elo_offset = info-\u003elo_offset;\n\nThis results in an overflow, which triggers a warning in iomap_iter()\ndue to a call to iomap_iter_done() which has:\n\tWARN_ON_ONCE(iter-\u003eiomap.offset \u003e iter-\u003epos);\n\nThus, check for negative value during loop_set_status_from_info().\n\nBug report: https://syzkaller.appspot.com/bug?id=c620fe14aac810396d3c3edc9ad73848bf69a29e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49993",
"url": "https://www.suse.com/security/cve/CVE-2022-49993"
},
{
"category": "external",
"summary": "SUSE Bug 1245121 for CVE-2022-49993",
"url": "https://bugzilla.suse.com/1245121"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49993"
},
{
"cve": "CVE-2022-49995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwriteback: avoid use-after-free after removing device\n\nWhen a disk is removed, bdi_unregister gets called to stop further\nwriteback and wait for associated delayed work to complete. However,\nwb_inode_writeback_end() may schedule bandwidth estimation dwork after\nthis has completed, which can result in the timer attempting to access the\njust freed bdi_writeback.\n\nFix this by checking if the bdi_writeback is alive, similar to when\nscheduling writeback work.\n\nSince this requires wb-\u003ework_lock, and wb_inode_writeback_end() may get\ncalled from interrupt, switch wb-\u003ework_lock to an irqsafe lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49995",
"url": "https://www.suse.com/security/cve/CVE-2022-49995"
},
{
"category": "external",
"summary": "SUSE Bug 1245012 for CVE-2022-49995",
"url": "https://bugzilla.suse.com/1245012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49995"
},
{
"cve": "CVE-2022-49999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix space cache corruption and potential double allocations\n\nWhen testing space_cache v2 on a large set of machines, we encountered a\nfew symptoms:\n\n1. \"unable to add free space :-17\" (EEXIST) errors.\n2. Missing free space info items, sometimes caught with a \"missing free\n space info for X\" error.\n3. Double-accounted space: ranges that were allocated in the extent tree\n and also marked as free in the free space tree, ranges that were\n marked as allocated twice in the extent tree, or ranges that were\n marked as free twice in the free space tree. If the latter made it\n onto disk, the next reboot would hit the BUG_ON() in\n add_new_free_space().\n4. On some hosts with no on-disk corruption or error messages, the\n in-memory space cache (dumped with drgn) disagreed with the free\n space tree.\n\nAll of these symptoms have the same underlying cause: a race between\ncaching the free space for a block group and returning free space to the\nin-memory space cache for pinned extents causes us to double-add a free\nrange to the space cache. This race exists when free space is cached\nfrom the free space tree (space_cache=v2) or the extent tree\n(nospace_cache, or space_cache=v1 if the cache needs to be regenerated).\nstruct btrfs_block_group::last_byte_to_unpin and struct\nbtrfs_block_group::progress are supposed to protect against this race,\nbut commit d0c2f4fa555e (\"btrfs: make concurrent fsyncs wait less when\nwaiting for a transaction commit\") subtly broke this by allowing\nmultiple transactions to be unpinning extents at the same time.\n\nSpecifically, the race is as follows:\n\n1. An extent is deleted from an uncached block group in transaction A.\n2. btrfs_commit_transaction() is called for transaction A.\n3. btrfs_run_delayed_refs() -\u003e __btrfs_free_extent() runs the delayed\n ref for the deleted extent.\n4. __btrfs_free_extent() -\u003e do_free_extent_accounting() -\u003e\n add_to_free_space_tree() adds the deleted extent back to the free\n space tree.\n5. do_free_extent_accounting() -\u003e btrfs_update_block_group() -\u003e\n btrfs_cache_block_group() queues up the block group to get cached.\n block_group-\u003eprogress is set to block_group-\u003estart.\n6. btrfs_commit_transaction() for transaction A calls\n switch_commit_roots(). It sets block_group-\u003elast_byte_to_unpin to\n block_group-\u003eprogress, which is block_group-\u003estart because the block\n group hasn\u0027t been cached yet.\n7. The caching thread gets to our block group. Since the commit roots\n were already switched, load_free_space_tree() sees the deleted extent\n as free and adds it to the space cache. It finishes caching and sets\n block_group-\u003eprogress to U64_MAX.\n8. btrfs_commit_transaction() advances transaction A to\n TRANS_STATE_SUPER_COMMITTED.\n9. fsync calls btrfs_commit_transaction() for transaction B. Since\n transaction A is already in TRANS_STATE_SUPER_COMMITTED and the\n commit is for fsync, it advances.\n10. btrfs_commit_transaction() for transaction B calls\n switch_commit_roots(). This time, the block group has already been\n cached, so it sets block_group-\u003elast_byte_to_unpin to U64_MAX.\n11. btrfs_commit_transaction() for transaction A calls\n btrfs_finish_extent_commit(), which calls unpin_extent_range() for\n the deleted extent. It sees last_byte_to_unpin set to U64_MAX (by\n transaction B!), so it adds the deleted extent to the space cache\n again!\n\nThis explains all of our symptoms above:\n\n* If the sequence of events is exactly as described above, when the free\n space is re-added in step 11, it will fail with EEXIST.\n* If another thread reallocates the deleted extent in between steps 7\n and 11, then step 11 will silently re-add that space to the space\n cache as free even though it is actually allocated. Then, if that\n space is allocated *again*, the free space tree will be corrupted\n (namely, the wrong item will be deleted).\n* If we don\u0027t catch this free space tree corr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49999",
"url": "https://www.suse.com/security/cve/CVE-2022-49999"
},
{
"category": "external",
"summary": "SUSE Bug 1245019 for CVE-2022-49999",
"url": "https://bugzilla.suse.com/1245019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-49999"
},
{
"cve": "CVE-2022-50005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout\n\nWhen the pn532 uart device is detaching, the pn532_uart_remove()\nis called. But there are no functions in pn532_uart_remove() that\ncould delete the cmd_timeout timer, which will cause use-after-free\nbugs. The process is shown below:\n\n (thread 1) | (thread 2)\n | pn532_uart_send_frame\npn532_uart_remove | mod_timer(\u0026pn532-\u003ecmd_timeout,...)\n ... | (wait a time)\n kfree(pn532) //FREE | pn532_cmd_timeout\n | pn532_uart_send_frame\n | pn532-\u003e... //USE\n\nThis patch adds del_timer_sync() in pn532_uart_remove() in order to\nprevent the use-after-free bugs. What\u0027s more, the pn53x_unregister_nfc()\nis well synchronized, it sets nfc_dev-\u003eshutting_down to true and there\nare no syscalls could restart the cmd_timeout timer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50005",
"url": "https://www.suse.com/security/cve/CVE-2022-50005"
},
{
"category": "external",
"summary": "SUSE Bug 1245011 for CVE-2022-50005",
"url": "https://bugzilla.suse.com/1245011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50005"
},
{
"cve": "CVE-2022-50006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.2 fix problems with __nfs42_ssc_open\n\nA destination server while doing a COPY shouldn\u0027t accept using the\npassed in filehandle if its not a regular filehandle.\n\nIf alloc_file_pseudo() has failed, we need to decrement a reference\non the newly created inode, otherwise it leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50006",
"url": "https://www.suse.com/security/cve/CVE-2022-50006"
},
{
"category": "external",
"summary": "SUSE Bug 1245018 for CVE-2022-50006",
"url": "https://bugzilla.suse.com/1245018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50006"
},
{
"cve": "CVE-2022-50008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: don\u0027t call disarm_kprobe() for disabled kprobes\n\nThe assumption in __disable_kprobe() is wrong, and it could try to disarm\nan already disarmed kprobe and fire the WARN_ONCE() below. [0] We can\neasily reproduce this issue.\n\n1. Write 0 to /sys/kernel/debug/kprobes/enabled.\n\n # echo 0 \u003e /sys/kernel/debug/kprobes/enabled\n\n2. Run execsnoop. At this time, one kprobe is disabled.\n\n # /usr/share/bcc/tools/execsnoop \u0026\n [1] 2460\n PCOMM PID PPID RET ARGS\n\n # cat /sys/kernel/debug/kprobes/list\n ffffffff91345650 r __x64_sys_execve+0x0 [FTRACE]\n ffffffff91345650 k __x64_sys_execve+0x0 [DISABLED][FTRACE]\n\n3. Write 1 to /sys/kernel/debug/kprobes/enabled, which changes\n kprobes_all_disarmed to false but does not arm the disabled kprobe.\n\n # echo 1 \u003e /sys/kernel/debug/kprobes/enabled\n\n # cat /sys/kernel/debug/kprobes/list\n ffffffff91345650 r __x64_sys_execve+0x0 [FTRACE]\n ffffffff91345650 k __x64_sys_execve+0x0 [DISABLED][FTRACE]\n\n4. Kill execsnoop, when __disable_kprobe() calls disarm_kprobe() for the\n disabled kprobe and hits the WARN_ONCE() in __disarm_kprobe_ftrace().\n\n # fg\n /usr/share/bcc/tools/execsnoop\n ^C\n\nActually, WARN_ONCE() is fired twice, and __unregister_kprobe_top() misses\nsome cleanups and leaves the aggregated kprobe in the hash table. Then,\n__unregister_trace_kprobe() initialises tk-\u003erp.kp.list and creates an\ninfinite loop like this.\n\n aggregated kprobe.list -\u003e kprobe.list -.\n ^ |\n \u0027.__.\u0027\n\nIn this situation, these commands fall into the infinite loop and result\nin RCU stall or soft lockup.\n\n cat /sys/kernel/debug/kprobes/list : show_kprobe_addr() enters into the\n infinite loop with RCU.\n\n /usr/share/bcc/tools/execsnoop : warn_kprobe_rereg() holds kprobe_mutex,\n and __get_valid_kprobe() is stuck in\n\t\t\t\t the loop.\n\nTo avoid the issue, make sure we don\u0027t call disarm_kprobe() for disabled\nkprobes.\n\n[0]\nFailed to disarm kprobe-ftrace at __x64_sys_execve+0x0/0x40 (error -2)\nWARNING: CPU: 6 PID: 2460 at kernel/kprobes.c:1130 __disarm_kprobe_ftrace.isra.19 (kernel/kprobes.c:1129)\nModules linked in: ena\nCPU: 6 PID: 2460 Comm: execsnoop Not tainted 5.19.0+ #28\nHardware name: Amazon EC2 c5.2xlarge/, BIOS 1.0 10/16/2017\nRIP: 0010:__disarm_kprobe_ftrace.isra.19 (kernel/kprobes.c:1129)\nCode: 24 8b 02 eb c1 80 3d c4 83 f2 01 00 75 d4 48 8b 75 00 89 c2 48 c7 c7 90 fa 0f 92 89 04 24 c6 05 ab 83 01 e8 e4 94 f0 ff \u003c0f\u003e 0b 8b 04 24 eb b1 89 c6 48 c7 c7 60 fa 0f 92 89 04 24 e8 cc 94\nRSP: 0018:ffff9e6ec154bd98 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffffffff930f7b00 RCX: 0000000000000001\nRDX: 0000000080000001 RSI: ffffffff921461c5 RDI: 00000000ffffffff\nRBP: ffff89c504286da8 R08: 0000000000000000 R09: c0000000fffeffff\nR10: 0000000000000000 R11: ffff9e6ec154bc28 R12: ffff89c502394e40\nR13: ffff89c502394c00 R14: ffff9e6ec154bc00 R15: 0000000000000000\nFS: 00007fe800398740(0000) GS:ffff89c812d80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000c00057f010 CR3: 0000000103b54006 CR4: 00000000007706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\n __disable_kprobe (kernel/kprobes.c:1716)\n disable_kprobe (kernel/kprobes.c:2392)\n __disable_trace_kprobe (kernel/trace/trace_kprobe.c:340)\n disable_trace_kprobe (kernel/trace/trace_kprobe.c:429)\n perf_trace_event_unreg.isra.2 (./include/linux/tracepoint.h:93 kernel/trace/trace_event_perf.c:168)\n perf_kprobe_destroy (kernel/trace/trace_event_perf.c:295)\n _free_event (kernel/events/core.c:4971)\n perf_event_release_kernel (kernel/events/core.c:5176)\n perf_release (kernel/events/core.c:5186)\n __fput (fs/file_table.c:321)\n task_work_run (./include/linux/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50008",
"url": "https://www.suse.com/security/cve/CVE-2022-50008"
},
{
"category": "external",
"summary": "SUSE Bug 1245009 for CVE-2022-50008",
"url": "https://bugzilla.suse.com/1245009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50008"
},
{
"cve": "CVE-2022-50010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: i740fb: Check the argument of i740_calc_vclk()\n\nSince the user can control the arguments of the ioctl() from the user\nspace, under special arguments that may result in a divide-by-zero bug.\n\nIf the user provides an improper \u0027pixclock\u0027 value that makes the argumet\nof i740_calc_vclk() less than \u0027I740_RFREQ_FIX\u0027, it will cause a\ndivide-by-zero bug in:\n drivers/video/fbdev/i740fb.c:353 p_best = min(15, ilog2(I740_MAX_VCO_FREQ / (freq / I740_RFREQ_FIX)));\n\nThe following log can reveal it:\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN PTI\nRIP: 0010:i740_calc_vclk drivers/video/fbdev/i740fb.c:353 [inline]\nRIP: 0010:i740fb_decode_var drivers/video/fbdev/i740fb.c:646 [inline]\nRIP: 0010:i740fb_set_par+0x163f/0x3b70 drivers/video/fbdev/i740fb.c:742\nCall Trace:\n fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189\n\nFix this by checking the argument of i740_calc_vclk() first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50010",
"url": "https://www.suse.com/security/cve/CVE-2022-50010"
},
{
"category": "external",
"summary": "SUSE Bug 1245122 for CVE-2022-50010",
"url": "https://bugzilla.suse.com/1245122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50010"
},
{
"cve": "CVE-2022-50011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvenus: pm_helpers: Fix warning in OPP during probe\n\nFix the following WARN triggered during Venus driver probe on\n5.19.0-rc8-next-20220728:\n\n WARNING: CPU: 7 PID: 339 at drivers/opp/core.c:2471 dev_pm_opp_set_config+0x49c/0x610\n Modules linked in: qcom_spmi_adc5 rtc_pm8xxx qcom_spmi_adc_tm5 leds_qcom_lpg led_class_multicolor\n qcom_pon qcom_vadc_common venus_core(+) qcom_spmi_temp_alarm v4l2_mem2mem videobuf2_v4l2 msm(+)\n videobuf2_common crct10dif_ce spi_geni_qcom snd_soc_sm8250 i2c_qcom_geni gpu_sched\n snd_soc_qcom_common videodev qcom_q6v5_pas soundwire_qcom drm_dp_aux_bus qcom_stats\n drm_display_helper qcom_pil_info soundwire_bus snd_soc_lpass_va_macro mc qcom_q6v5\n phy_qcom_snps_femto_v2 qcom_rng snd_soc_lpass_macro_common snd_soc_lpass_wsa_macro\n lpass_gfm_sm8250 slimbus qcom_sysmon qcom_common qcom_glink_smem qmi_helpers\n qcom_wdt mdt_loader socinfo icc_osm_l3 display_connector\n drm_kms_helper qnoc_sm8250 drm fuse ip_tables x_tables ipv6\n CPU: 7 PID: 339 Comm: systemd-udevd Not tainted 5.19.0-rc8-next-20220728 #4\n Hardware name: Qualcomm Technologies, Inc. Robotics RB5 (DT)\n pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : dev_pm_opp_set_config+0x49c/0x610\n lr : dev_pm_opp_set_config+0x58/0x610\n sp : ffff8000093c3710\n x29: ffff8000093c3710 x28: ffffbca3959d82b8 x27: ffff8000093c3d00\n x26: ffffbca3959d8e08 x25: ffff4396cac98118 x24: ffff4396c0e24810\n x23: ffff4396c4272c40 x22: ffff4396c0e24810 x21: ffff8000093c3810\n x20: ffff4396cac36800 x19: ffff4396cac96800 x18: 0000000000000000\n x17: 0000000000000003 x16: ffffbca3f4edf198 x15: 0000001cba64a858\n x14: 0000000000000180 x13: 000000000000017e x12: 0000000000000000\n x11: 0000000000000002 x10: 0000000000000a60 x9 : ffff8000093c35c0\n x8 : ffff4396c4273700 x7 : ffff43983efca6c0 x6 : ffff43983efca640\n x5 : 00000000410fd0d0 x4 : ffff4396c4272c40 x3 : ffffbca3f5d1e008\n x2 : 0000000000000000 x1 : ffff4396c2421600 x0 : ffff4396cac96860\n Call trace:\n dev_pm_opp_set_config+0x49c/0x610\n devm_pm_opp_set_config+0x18/0x70\n vcodec_domains_get+0xb8/0x1638 [venus_core]\n core_get_v4+0x1d8/0x218 [venus_core]\n venus_probe+0xf4/0x468 [venus_core]\n platform_probe+0x68/0xd8\n really_probe+0xbc/0x2a8\n __driver_probe_device+0x78/0xe0\n driver_probe_device+0x3c/0xf0\n __driver_attach+0x70/0x120\n bus_for_each_dev+0x70/0xc0\n driver_attach+0x24/0x30\n bus_add_driver+0x150/0x200\n driver_register+0x64/0x120\n __platform_driver_register+0x28/0x38\n qcom_venus_driver_init+0x24/0x1000 [venus_core]\n do_one_initcall+0x54/0x1c8\n do_init_module+0x44/0x1d0\n load_module+0x16c8/0x1aa0\n __do_sys_finit_module+0xbc/0x110\n __arm64_sys_finit_module+0x20/0x30\n invoke_syscall+0x44/0x108\n el0_svc_common.constprop.0+0xcc/0xf0\n do_el0_svc+0x2c/0xb8\n el0_svc+0x2c/0x88\n el0t_64_sync_handler+0xb8/0xc0\n el0t_64_sync+0x18c/0x190\n qcom-venus: probe of aa00000.video-codec failed with error -16\n\nThe fix is re-ordering the code related to OPP core. The OPP core\nexpects all configuration options to be provided before the OPP\ntable is added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50011",
"url": "https://www.suse.com/security/cve/CVE-2022-50011"
},
{
"category": "external",
"summary": "SUSE Bug 1244915 for CVE-2022-50011",
"url": "https://bugzilla.suse.com/1244915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50011"
},
{
"cve": "CVE-2022-50012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/64: Init jump labels before parse_early_param()\n\nOn 64-bit, calling jump_label_init() in setup_feature_keys() is too\nlate because static keys may be used in subroutines of\nparse_early_param() which is again subroutine of early_init_devtree().\n\nFor example booting with \"threadirqs\":\n\n static_key_enable_cpuslocked(): static key \u00270xc000000002953260\u0027 used before call to jump_label_init()\n WARNING: CPU: 0 PID: 0 at kernel/jump_label.c:166 static_key_enable_cpuslocked+0xfc/0x120\n ...\n NIP static_key_enable_cpuslocked+0xfc/0x120\n LR static_key_enable_cpuslocked+0xf8/0x120\n Call Trace:\n static_key_enable_cpuslocked+0xf8/0x120 (unreliable)\n static_key_enable+0x30/0x50\n setup_forced_irqthreads+0x28/0x40\n do_early_param+0xa0/0x108\n parse_args+0x290/0x4e0\n parse_early_options+0x48/0x5c\n parse_early_param+0x58/0x84\n early_init_devtree+0xd4/0x518\n early_setup+0xb4/0x214\n\nSo call jump_label_init() just before parse_early_param() in\nearly_init_devtree().\n\n[mpe: Add call trace to change log and minor wording edits.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50012",
"url": "https://www.suse.com/security/cve/CVE-2022-50012"
},
{
"category": "external",
"summary": "SUSE Bug 1245125 for CVE-2022-50012",
"url": "https://bugzilla.suse.com/1245125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50012"
},
{
"cve": "CVE-2022-50019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: Fix refcount leak bug in ucc_uart.c\n\nIn soc_info(), of_find_node_by_type() will return a node pointer\nwith refcount incremented. We should use of_node_put() when it is\nnot used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50019",
"url": "https://www.suse.com/security/cve/CVE-2022-50019"
},
{
"category": "external",
"summary": "SUSE Bug 1245098 for CVE-2022-50019",
"url": "https://bugzilla.suse.com/1245098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50019"
},
{
"cve": "CVE-2022-50020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid resizing to a partial cluster size\n\nThis patch avoids an attempt to resize the filesystem to an\nunaligned cluster boundary. An online resize to a size that is not\nintegral to cluster size results in the last iteration attempting to\ngrow the fs by a negative amount, which trips a BUG_ON and leaves the fs\nwith a corrupted in-memory superblock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50020",
"url": "https://www.suse.com/security/cve/CVE-2022-50020"
},
{
"category": "external",
"summary": "SUSE Bug 1245129 for CVE-2022-50020",
"url": "https://bugzilla.suse.com/1245129"
},
{
"category": "external",
"summary": "SUSE Bug 1245130 for CVE-2022-50020",
"url": "https://bugzilla.suse.com/1245130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50020"
},
{
"cve": "CVE-2022-50021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: block range must be validated before use in ext4_mb_clear_bb()\n\nBlock range to free is validated in ext4_free_blocks() using\next4_inode_block_valid() and then it\u0027s passed to ext4_mb_clear_bb().\nHowever in some situations on bigalloc file system the range might be\nadjusted after the validation in ext4_free_blocks() which can lead to\ntroubles on corrupted file systems such as one found by syzkaller that\nresulted in the following BUG\n\nkernel BUG at fs/ext4/ext4.h:3319!\nPREEMPT SMP NOPTI\nCPU: 28 PID: 4243 Comm: repro Kdump: loaded Not tainted 5.19.0-rc6+ #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014\nRIP: 0010:ext4_free_blocks+0x95e/0xa90\nCall Trace:\n \u003cTASK\u003e\n ? lock_timer_base+0x61/0x80\n ? __es_remove_extent+0x5a/0x760\n ? __mod_timer+0x256/0x380\n ? ext4_ind_truncate_ensure_credits+0x90/0x220\n ext4_clear_blocks+0x107/0x1b0\n ext4_free_data+0x15b/0x170\n ext4_ind_truncate+0x214/0x2c0\n ? _raw_spin_unlock+0x15/0x30\n ? ext4_discard_preallocations+0x15a/0x410\n ? ext4_journal_check_start+0xe/0x90\n ? __ext4_journal_start_sb+0x2f/0x110\n ext4_truncate+0x1b5/0x460\n ? __ext4_journal_start_sb+0x2f/0x110\n ext4_evict_inode+0x2b4/0x6f0\n evict+0xd0/0x1d0\n ext4_enable_quotas+0x11f/0x1f0\n ext4_orphan_cleanup+0x3de/0x430\n ? proc_create_seq_private+0x43/0x50\n ext4_fill_super+0x295f/0x3ae0\n ? snprintf+0x39/0x40\n ? sget_fc+0x19c/0x330\n ? ext4_reconfigure+0x850/0x850\n get_tree_bdev+0x16d/0x260\n vfs_get_tree+0x25/0xb0\n path_mount+0x431/0xa70\n __x64_sys_mount+0xe2/0x120\n do_syscall_64+0x5b/0x80\n ? do_user_addr_fault+0x1e2/0x670\n ? exc_page_fault+0x70/0x170\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7fdf4e512ace\n\nFix it by making sure that the block range is properly validated before\nused every time it changes in ext4_free_blocks() or ext4_mb_clear_bb().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50021",
"url": "https://www.suse.com/security/cve/CVE-2022-50021"
},
{
"category": "external",
"summary": "SUSE Bug 1245180 for CVE-2022-50021",
"url": "https://bugzilla.suse.com/1245180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50021"
},
{
"cve": "CVE-2022-50022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers:md:fix a potential use-after-free bug\n\nIn line 2884, \"raid5_release_stripe(sh);\" drops the reference to sh and\nmay cause sh to be released. However, sh is subsequently used in lines\n2886 \"if (sh-\u003ebatch_head \u0026\u0026 sh != sh-\u003ebatch_head)\". This may result in an\nuse-after-free bug.\n\nIt can be fixed by moving \"raid5_release_stripe(sh);\" to the bottom of\nthe function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50022",
"url": "https://www.suse.com/security/cve/CVE-2022-50022"
},
{
"category": "external",
"summary": "SUSE Bug 1245131 for CVE-2022-50022",
"url": "https://bugzilla.suse.com/1245131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50022"
},
{
"cve": "CVE-2022-50023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-axi-dmac: ignore interrupt if no descriptor\n\nIf the channel has no descriptor and the interrupt is raised then the\nkernel will OOPS. Check the result of vchan_next_desc() in the handler\naxi_chan_block_xfer_complete() to avoid the error happening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50023",
"url": "https://www.suse.com/security/cve/CVE-2022-50023"
},
{
"category": "external",
"summary": "SUSE Bug 1245134 for CVE-2022-50023",
"url": "https://bugzilla.suse.com/1245134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50023"
},
{
"cve": "CVE-2022-50024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-axi-dmac: do not print NULL LLI during error\n\nDuring debugging we have seen an issue where axi_chan_dump_lli()\nis passed a NULL LLI pointer which ends up causing an OOPS due\nto trying to get fields from it. Simply print NULL LLI and exit\nto avoid this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50024",
"url": "https://www.suse.com/security/cve/CVE-2022-50024"
},
{
"category": "external",
"summary": "SUSE Bug 1245133 for CVE-2022-50024",
"url": "https://bugzilla.suse.com/1245133"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50024"
},
{
"cve": "CVE-2022-50026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhabanalabs/gaudi: fix shift out of bounds\n\nWhen validating NIC queues, queue offset calculation must be\nperformed only for NIC queues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50026",
"url": "https://www.suse.com/security/cve/CVE-2022-50026"
},
{
"category": "external",
"summary": "SUSE Bug 1245088 for CVE-2022-50026",
"url": "https://bugzilla.suse.com/1245088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50026"
},
{
"cve": "CVE-2022-50027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak when failing to issue CMF WQE\n\nThere is no corresponding free routine if lpfc_sli4_issue_wqe fails to\nissue the CMF WQE in lpfc_issue_cmf_sync_wqe.\n\nIf ret_val is non-zero, then free the iocbq request structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50027",
"url": "https://www.suse.com/security/cve/CVE-2022-50027"
},
{
"category": "external",
"summary": "SUSE Bug 1245073 for CVE-2022-50027",
"url": "https://bugzilla.suse.com/1245073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50027"
},
{
"cve": "CVE-2022-50028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngadgetfs: ep_io - wait until IRQ finishes\n\nafter usb_ep_queue() if wait_for_completion_interruptible() is\ninterrupted we need to wait until IRQ gets finished.\n\nOtherwise complete() from epio_complete() can corrupt stack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50028",
"url": "https://www.suse.com/security/cve/CVE-2022-50028"
},
{
"category": "external",
"summary": "SUSE Bug 1245135 for CVE-2022-50028",
"url": "https://bugzilla.suse.com/1245135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50028"
},
{
"cve": "CVE-2022-50029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: ipq8074: dont disable gcc_sleep_clk_src\n\nOnce the usb sleep clocks are disabled, clock framework is trying to\ndisable the sleep clock source also.\n\nHowever, it seems that it cannot be disabled and trying to do so produces:\n[ 245.436390] ------------[ cut here ]------------\n[ 245.441233] gcc_sleep_clk_src status stuck at \u0027on\u0027\n[ 245.441254] WARNING: CPU: 2 PID: 223 at clk_branch_wait+0x130/0x140\n[ 245.450435] Modules linked in: xhci_plat_hcd xhci_hcd dwc3 dwc3_qcom leds_gpio\n[ 245.456601] CPU: 2 PID: 223 Comm: sh Not tainted 5.18.0-rc4 #215\n[ 245.463889] Hardware name: Xiaomi AX9000 (DT)\n[ 245.470050] pstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 245.474307] pc : clk_branch_wait+0x130/0x140\n[ 245.481073] lr : clk_branch_wait+0x130/0x140\n[ 245.485588] sp : ffffffc009f2bad0\n[ 245.489838] x29: ffffffc009f2bad0 x28: ffffff8003e6c800 x27: 0000000000000000\n[ 245.493057] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800226ef20\n[ 245.500175] x23: ffffffc0089ff550 x22: 0000000000000000 x21: ffffffc008476ad0\n[ 245.507294] x20: 0000000000000000 x19: ffffffc00965ac70 x18: fffffffffffc51a7\n[ 245.514413] x17: 68702e3030303837 x16: 3a6d726f6674616c x15: ffffffc089f2b777\n[ 245.521531] x14: ffffffc0095c9d18 x13: 0000000000000129 x12: 0000000000000129\n[ 245.528649] x11: 00000000ffffffea x10: ffffffc009621d18 x9 : 0000000000000001\n[ 245.535767] x8 : 0000000000000001 x7 : 0000000000017fe8 x6 : 0000000000000001\n[ 245.542885] x5 : ffffff803fdca6d8 x4 : 0000000000000000 x3 : 0000000000000027\n[ 245.550002] x2 : 0000000000000027 x1 : 0000000000000023 x0 : 0000000000000026\n[ 245.557122] Call trace:\n[ 245.564229] clk_branch_wait+0x130/0x140\n[ 245.566490] clk_branch2_disable+0x2c/0x40\n[ 245.570656] clk_core_disable+0x60/0xb0\n[ 245.574561] clk_core_disable+0x68/0xb0\n[ 245.578293] clk_disable+0x30/0x50\n[ 245.582113] dwc3_qcom_remove+0x60/0xc0 [dwc3_qcom]\n[ 245.585588] platform_remove+0x28/0x60\n[ 245.590361] device_remove+0x4c/0x80\n[ 245.594179] device_release_driver_internal+0x1dc/0x230\n[ 245.597914] device_driver_detach+0x18/0x30\n[ 245.602861] unbind_store+0xec/0x110\n[ 245.607027] drv_attr_store+0x24/0x40\n[ 245.610847] sysfs_kf_write+0x44/0x60\n[ 245.614405] kernfs_fop_write_iter+0x128/0x1c0\n[ 245.618052] new_sync_write+0xc0/0x130\n[ 245.622391] vfs_write+0x1d4/0x2a0\n[ 245.626123] ksys_write+0x58/0xe0\n[ 245.629508] __arm64_sys_write+0x1c/0x30\n[ 245.632895] invoke_syscall.constprop.0+0x5c/0x110\n[ 245.636890] do_el0_svc+0xa0/0x150\n[ 245.641488] el0_svc+0x18/0x60\n[ 245.644872] el0t_64_sync_handler+0xa4/0x130\n[ 245.647914] el0t_64_sync+0x174/0x178\n[ 245.652340] ---[ end trace 0000000000000000 ]---\n\nSo, add CLK_IS_CRITICAL flag to the clock so that the kernel won\u0027t try\nto disable the sleep clock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50029",
"url": "https://www.suse.com/security/cve/CVE-2022-50029"
},
{
"category": "external",
"summary": "SUSE Bug 1245146 for CVE-2022-50029",
"url": "https://bugzilla.suse.com/1245146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50029"
},
{
"cve": "CVE-2022-50030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input\n\nMalformed user input to debugfs results in buffer overflow crashes. Adapt\ninput string lengths to fit within internal buffers, leaving space for NULL\nterminators.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50030",
"url": "https://www.suse.com/security/cve/CVE-2022-50030"
},
{
"category": "external",
"summary": "SUSE Bug 1245265 for CVE-2022-50030",
"url": "https://bugzilla.suse.com/1245265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2022-50030"
},
{
"cve": "CVE-2022-50031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi: Fix HW conn removal use after free\n\nIf qla4xxx doesn\u0027t remove the connection before the session, the iSCSI\nclass tries to remove the connection for it. We were doing a\niscsi_put_conn() in the iter function which is not needed and will result\nin a use after free because iscsi_remove_conn() will free the connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50031",
"url": "https://www.suse.com/security/cve/CVE-2022-50031"
},
{
"category": "external",
"summary": "SUSE Bug 1245118 for CVE-2022-50031",
"url": "https://bugzilla.suse.com/1245118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50031"
},
{
"cve": "CVE-2022-50032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50032"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas: Fix refcount leak bug\n\nIn usbhs_rza1_hardware_init(), of_find_node_by_name() will return\na node pointer with refcount incremented. We should use of_node_put()\nwhen it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50032",
"url": "https://www.suse.com/security/cve/CVE-2022-50032"
},
{
"category": "external",
"summary": "SUSE Bug 1245103 for CVE-2022-50032",
"url": "https://bugzilla.suse.com/1245103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50032"
},
{
"cve": "CVE-2022-50033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50033"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: ohci-ppc-of: Fix refcount leak bug\n\nIn ohci_hcd_ppc_of_probe(), of_find_compatible_node() will return\na node pointer with refcount incremented. We should use of_node_put()\nwhen it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50033",
"url": "https://www.suse.com/security/cve/CVE-2022-50033"
},
{
"category": "external",
"summary": "SUSE Bug 1245139 for CVE-2022-50033",
"url": "https://bugzilla.suse.com/1245139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50033"
},
{
"cve": "CVE-2022-50034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3 fix use-after-free at workaround 2\n\nBUG: KFENCE: use-after-free read in __list_del_entry_valid+0x10/0xac\n\ncdns3_wa2_remove_old_request()\n{\n\t...\n\tkfree(priv_req-\u003erequest.buf);\n\tcdns3_gadget_ep_free_request(\u0026priv_ep-\u003eendpoint, \u0026priv_req-\u003erequest);\n\tlist_del_init(\u0026priv_req-\u003elist);\n\t^^^ use after free\n\t...\n}\n\ncdns3_gadget_ep_free_request() free the space pointed by priv_req,\nbut priv_req is used in the following list_del_init().\n\nThis patch move list_del_init() before cdns3_gadget_ep_free_request().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50034",
"url": "https://www.suse.com/security/cve/CVE-2022-50034"
},
{
"category": "external",
"summary": "SUSE Bug 1245089 for CVE-2022-50034",
"url": "https://bugzilla.suse.com/1245089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50034"
},
{
"cve": "CVE-2022-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sun4i: dsi: Prevent underflow when computing packet sizes\n\nCurrently, the packet overhead is subtracted using unsigned arithmetic.\nWith a short sync pulse, this could underflow and wrap around to near\nthe maximal u16 value. Fix this by using signed subtraction. The call to\nmax() will correctly handle any negative numbers that are produced.\n\nApply the same fix to the other timings, even though those subtractions\nare less likely to underflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50036",
"url": "https://www.suse.com/security/cve/CVE-2022-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1244941 for CVE-2022-50036",
"url": "https://bugzilla.suse.com/1244941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50036"
},
{
"cve": "CVE-2022-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()\n\nIn this function, there are two refcount leak bugs:\n(1) when breaking out of for_each_endpoint_of_node(), we need call\nthe of_node_put() for the \u0027ep\u0027;\n(2) we should call of_node_put() for the reference returned by\nof_graph_get_remote_port() when it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50038",
"url": "https://www.suse.com/security/cve/CVE-2022-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1244943 for CVE-2022-50038",
"url": "https://bugzilla.suse.com/1244943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50038"
},
{
"cve": "CVE-2022-50039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50039"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstmmac: intel: Add a missing clk_disable_unprepare() call in intel_eth_pci_remove()\n\nCommit 09f012e64e4b (\"stmmac: intel: Fix clock handling on error and remove\npaths\") removed this clk_disable_unprepare()\n\nThis was partly revert by commit ac322f86b56c (\"net: stmmac: Fix clock\nhandling on remove path\") which removed this clk_disable_unprepare()\nbecause:\n\"\n While unloading the dwmac-intel driver, clk_disable_unprepare() is\n being called twice in stmmac_dvr_remove() and\n intel_eth_pci_remove(). This causes kernel panic on the second call.\n\"\n\nHowever later on, commit 5ec55823438e8 (\"net: stmmac: add clocks management\nfor gmac driver\") has updated stmmac_dvr_remove() which do not call\nclk_disable_unprepare() anymore.\n\nSo this call should now be called from intel_eth_pci_remove().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50039",
"url": "https://www.suse.com/security/cve/CVE-2022-50039"
},
{
"category": "external",
"summary": "SUSE Bug 1244942 for CVE-2022-50039",
"url": "https://bugzilla.suse.com/1244942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50039"
},
{
"cve": "CVE-2022-50040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix buffer overflow in sja1105_setup_devlink_regions()\n\nIf an error occurs in dsa_devlink_region_create(), then \u0027priv-\u003eregions\u0027\narray will be accessed by negative index \u0027-1\u0027.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50040",
"url": "https://www.suse.com/security/cve/CVE-2022-50040"
},
{
"category": "external",
"summary": "SUSE Bug 1244949 for CVE-2022-50040",
"url": "https://bugzilla.suse.com/1244949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50040"
},
{
"cve": "CVE-2022-50045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pci: Fix get_phb_number() locking\n\nThe recent change to get_phb_number() causes a DEBUG_ATOMIC_SLEEP\nwarning on some systems:\n\n BUG: sleeping function called from invalid context at kernel/locking/mutex.c:580\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n 1 lock held by swapper/1:\n #0: c157efb0 (hose_spinlock){+.+.}-{2:2}, at: pcibios_alloc_controller+0x64/0x220\n Preemption disabled at:\n [\u003c00000000\u003e] 0x0\n CPU: 0 PID: 1 Comm: swapper Not tainted 5.19.0-yocto-standard+ #1\n Call Trace:\n [d101dc90] [c073b264] dump_stack_lvl+0x50/0x8c (unreliable)\n [d101dcb0] [c0093b70] __might_resched+0x258/0x2a8\n [d101dcd0] [c0d3e634] __mutex_lock+0x6c/0x6ec\n [d101dd50] [c0a84174] of_alias_get_id+0x50/0xf4\n [d101dd80] [c002ec78] pcibios_alloc_controller+0x1b8/0x220\n [d101ddd0] [c140c9dc] pmac_pci_init+0x198/0x784\n [d101de50] [c140852c] discover_phbs+0x30/0x4c\n [d101de60] [c0007fd4] do_one_initcall+0x94/0x344\n [d101ded0] [c1403b40] kernel_init_freeable+0x1a8/0x22c\n [d101df10] [c00086e0] kernel_init+0x34/0x160\n [d101df30] [c001b334] ret_from_kernel_thread+0x5c/0x64\n\nThis is because pcibios_alloc_controller() holds hose_spinlock but\nof_alias_get_id() takes of_mutex which can sleep.\n\nThe hose_spinlock protects the phb_bitmap, and also the hose_list, but\nit doesn\u0027t need to be held while get_phb_number() calls the OF routines,\nbecause those are only looking up information in the device tree.\n\nSo fix it by having get_phb_number() take the hose_spinlock itself, only\nwhere required, and then dropping the lock before returning.\npcibios_alloc_controller() then needs to take the lock again before the\nlist_add() but that\u0027s safe, the order of the list is not important.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50045",
"url": "https://www.suse.com/security/cve/CVE-2022-50045"
},
{
"category": "external",
"summary": "SUSE Bug 1244967 for CVE-2022-50045",
"url": "https://bugzilla.suse.com/1244967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50045"
},
{
"cve": "CVE-2022-50046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()\n\nThe issue happens on some error handling paths. When the function\nfails to grab the object `xprt`, it simply returns 0, forgetting to\ndecrease the reference count of another object `xps`, which is\nincreased by rpc_sysfs_xprt_kobj_get_xprt_switch(), causing refcount\nleaks. Also, the function forgets to check whether `xps` is valid\nbefore using it, which may result in NULL-dereferencing issues.\n\nFix it by adding proper error handling code when either `xprt` or\n`xps` is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50046",
"url": "https://www.suse.com/security/cve/CVE-2022-50046"
},
{
"category": "external",
"summary": "SUSE Bug 1244991 for CVE-2022-50046",
"url": "https://bugzilla.suse.com/1244991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50046"
},
{
"cve": "CVE-2022-50047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50047"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6060: prevent crash on an unused port\n\nIf the port isn\u0027t a CPU port nor a user port, \u0027cpu_dp\u0027\nis a null pointer and a crash happened on dereferencing\nit in mv88e6060_setup_port():\n\n[ 9.575872] Unable to handle kernel NULL pointer dereference at virtual address 00000014\n...\n[ 9.942216] mv88e6060_setup from dsa_register_switch+0x814/0xe84\n[ 9.948616] dsa_register_switch from mdio_probe+0x2c/0x54\n[ 9.954433] mdio_probe from really_probe.part.0+0x98/0x2a0\n[ 9.960375] really_probe.part.0 from driver_probe_device+0x30/0x10c\n[ 9.967029] driver_probe_device from __device_attach_driver+0xb8/0x13c\n[ 9.973946] __device_attach_driver from bus_for_each_drv+0x90/0xe0\n[ 9.980509] bus_for_each_drv from __device_attach+0x110/0x184\n[ 9.986632] __device_attach from bus_probe_device+0x8c/0x94\n[ 9.992577] bus_probe_device from deferred_probe_work_func+0x78/0xa8\n[ 9.999311] deferred_probe_work_func from process_one_work+0x290/0x73c\n[ 10.006292] process_one_work from worker_thread+0x30/0x4b8\n[ 10.012155] worker_thread from kthread+0xd4/0x10c\n[ 10.017238] kthread from ret_from_fork+0x14/0x3c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50047",
"url": "https://www.suse.com/security/cve/CVE-2022-50047"
},
{
"category": "external",
"summary": "SUSE Bug 1244993 for CVE-2022-50047",
"url": "https://bugzilla.suse.com/1244993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50047"
},
{
"cve": "CVE-2022-50051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: debug: Fix potential buffer overflow by snprintf()\n\nsnprintf() returns the would-be-filled size when the string overflows\nthe given buffer size, hence using this value may result in the buffer\noverflow (although it\u0027s unrealistic).\n\nThis patch replaces with a safer version, scnprintf() for papering\nover such a potential issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50051",
"url": "https://www.suse.com/security/cve/CVE-2022-50051"
},
{
"category": "external",
"summary": "SUSE Bug 1245041 for CVE-2022-50051",
"url": "https://bugzilla.suse.com/1245041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50051"
},
{
"cve": "CVE-2022-50053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix reset error handling\n\nDo not call iavf_close in iavf_reset_task error handling. Doing so can\nlead to double call of napi_disable, which can lead to deadlock there.\nRemoving VF would lead to iavf_remove task being stuck, because it\nrequires crit_lock, which is held by iavf_close.\nCall iavf_disable_vf if reset fail, so that driver will clean up\nremaining invalid resources.\nDuring rapid VF resets, HW can fail to setup VF mailbox. Wrong\nerror handling can lead to iavf_remove being stuck with:\n[ 5218.999087] iavf 0000:82:01.0: Failed to init adminq: -53\n...\n[ 5267.189211] INFO: task repro.sh:11219 blocked for more than 30 seconds.\n[ 5267.189520] Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1\n[ 5267.189764] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 5267.190062] task:repro.sh state:D stack: 0 pid:11219 ppid: 8162 flags:0x00000000\n[ 5267.190347] Call Trace:\n[ 5267.190647] \u003cTASK\u003e\n[ 5267.190927] __schedule+0x460/0x9f0\n[ 5267.191264] schedule+0x44/0xb0\n[ 5267.191563] schedule_preempt_disabled+0x14/0x20\n[ 5267.191890] __mutex_lock.isra.12+0x6e3/0xac0\n[ 5267.192237] ? iavf_remove+0xf9/0x6c0 [iavf]\n[ 5267.192565] iavf_remove+0x12a/0x6c0 [iavf]\n[ 5267.192911] ? _raw_spin_unlock_irqrestore+0x1e/0x40\n[ 5267.193285] pci_device_remove+0x36/0xb0\n[ 5267.193619] device_release_driver_internal+0xc1/0x150\n[ 5267.193974] pci_stop_bus_device+0x69/0x90\n[ 5267.194361] pci_stop_and_remove_bus_device+0xe/0x20\n[ 5267.194735] pci_iov_remove_virtfn+0xba/0x120\n[ 5267.195130] sriov_disable+0x2f/0xe0\n[ 5267.195506] ice_free_vfs+0x7d/0x2f0 [ice]\n[ 5267.196056] ? pci_get_device+0x4f/0x70\n[ 5267.196496] ice_sriov_configure+0x78/0x1a0 [ice]\n[ 5267.196995] sriov_numvfs_store+0xfe/0x140\n[ 5267.197466] kernfs_fop_write_iter+0x12e/0x1c0\n[ 5267.197918] new_sync_write+0x10c/0x190\n[ 5267.198404] vfs_write+0x24e/0x2d0\n[ 5267.198886] ksys_write+0x5c/0xd0\n[ 5267.199367] do_syscall_64+0x3a/0x80\n[ 5267.199827] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[ 5267.200317] RIP: 0033:0x7f5b381205c8\n[ 5267.200814] RSP: 002b:00007fff8c7e8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 5267.201981] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f5b381205c8\n[ 5267.202620] RDX: 0000000000000002 RSI: 00005569420ee900 RDI: 0000000000000001\n[ 5267.203426] RBP: 00005569420ee900 R08: 000000000000000a R09: 00007f5b38180820\n[ 5267.204327] R10: 000000000000000a R11: 0000000000000246 R12: 00007f5b383c06e0\n[ 5267.205193] R13: 0000000000000002 R14: 00007f5b383bb880 R15: 0000000000000002\n[ 5267.206041] \u003c/TASK\u003e\n[ 5267.206970] Kernel panic - not syncing: hung_task: blocked tasks\n[ 5267.207809] CPU: 48 PID: 551 Comm: khungtaskd Kdump: loaded Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1\n[ 5267.208726] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.11.0 11/02/2019\n[ 5267.209623] Call Trace:\n[ 5267.210569] \u003cTASK\u003e\n[ 5267.211480] dump_stack_lvl+0x33/0x42\n[ 5267.212472] panic+0x107/0x294\n[ 5267.213467] watchdog.cold.8+0xc/0xbb\n[ 5267.214413] ? proc_dohung_task_timeout_secs+0x30/0x30\n[ 5267.215511] kthread+0xf4/0x120\n[ 5267.216459] ? kthread_complete_and_exit+0x20/0x20\n[ 5267.217505] ret_from_fork+0x22/0x30\n[ 5267.218459] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50053",
"url": "https://www.suse.com/security/cve/CVE-2022-50053"
},
{
"category": "external",
"summary": "SUSE Bug 1245038 for CVE-2022-50053",
"url": "https://bugzilla.suse.com/1245038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50053"
},
{
"cve": "CVE-2022-50055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix adminq error handling\n\niavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent\nmemory for VF mailbox.\nFree DMA regions for both ASQ and ARQ in case error happens during\nconfiguration of ASQ/ARQ registers.\nWithout this change it is possible to see when unloading interface:\n74626.583369: dma_debug_device_change: device driver has pending DMA allocations while released from device [count=32]\nOne of leaked entries details: [device address=0x0000000b27ff9000] [size=4096 bytes] [mapped with DMA_BIDIRECTIONAL] [mapped as coherent]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50055",
"url": "https://www.suse.com/security/cve/CVE-2022-50055"
},
{
"category": "external",
"summary": "SUSE Bug 1245039 for CVE-2022-50055",
"url": "https://bugzilla.suse.com/1245039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50055"
},
{
"cve": "CVE-2022-50059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: don\u0027t leak snap_rwsem in handle_cap_grant\n\nWhen handle_cap_grant is called on an IMPORT op, then the snap_rwsem is\nheld and the function is expected to release it before returning. It\ncurrently fails to do that in all cases which could lead to a deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50059",
"url": "https://www.suse.com/security/cve/CVE-2022-50059"
},
{
"category": "external",
"summary": "SUSE Bug 1245031 for CVE-2022-50059",
"url": "https://bugzilla.suse.com/1245031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50059"
},
{
"cve": "CVE-2022-50060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Fix mcam entry resource leak\n\nThe teardown sequence in FLR handler returns if no NIX LF\nis attached to PF/VF because it indicates that graceful\nshutdown of resources already happened. But there is a\nchance of all allocated MCAM entries not being freed by\nPF/VF. Hence free mcam entries even in case of detached LF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50060",
"url": "https://www.suse.com/security/cve/CVE-2022-50060"
},
{
"category": "external",
"summary": "SUSE Bug 1245032 for CVE-2022-50060",
"url": "https://bugzilla.suse.com/1245032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50060"
},
{
"cve": "CVE-2022-50061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50061",
"url": "https://www.suse.com/security/cve/CVE-2022-50061"
},
{
"category": "external",
"summary": "SUSE Bug 1245033 for CVE-2022-50061",
"url": "https://bugzilla.suse.com/1245033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50061"
},
{
"cve": "CVE-2022-50062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bgmac: Fix a BUG triggered by wrong bytes_compl\n\nOn one of our machines we got:\n\nkernel BUG at lib/dynamic_queue_limits.c:27!\nInternal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM\nCPU: 0 PID: 1166 Comm: irq/41-bgmac Tainted: G W O 4.14.275-rt132 #1\nHardware name: BRCM XGS iProc\ntask: ee3415c0 task.stack: ee32a000\nPC is at dql_completed+0x168/0x178\nLR is at bgmac_poll+0x18c/0x6d8\npc : [\u003cc03b9430\u003e] lr : [\u003cc04b5a18\u003e] psr: 800a0313\nsp : ee32be14 ip : 000005ea fp : 00000bd4\nr10: ee558500 r9 : c0116298 r8 : 00000002\nr7 : 00000000 r6 : ef128810 r5 : 01993267 r4 : 01993851\nr3 : ee558000 r2 : 000070e1 r1 : 00000bd4 r0 : ee52c180\nFlags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\nControl: 12c5387d Table: 8e88c04a DAC: 00000051\nProcess irq/41-bgmac (pid: 1166, stack limit = 0xee32a210)\nStack: (0xee32be14 to 0xee32c000)\nbe00: ee558520 ee52c100 ef128810\nbe20: 00000000 00000002 c0116298 c04b5a18 00000000 c0a0c8c4 c0951780 00000040\nbe40: c0701780 ee558500 ee55d520 ef05b340 ef6f9780 ee558520 00000001 00000040\nbe60: ffffe000 c0a56878 ef6fa040 c0952040 0000012c c0528744 ef6f97b0 fffcfb6a\nbe80: c0a04104 2eda8000 c0a0c4ec c0a0d368 ee32bf44 c0153534 ee32be98 ee32be98\nbea0: ee32bea0 ee32bea0 ee32bea8 ee32bea8 00000000 c01462e4 ffffe000 ef6f22a8\nbec0: ffffe000 00000008 ee32bee4 c0147430 ffffe000 c094a2a8 00000003 ffffe000\nbee0: c0a54528 00208040 0000000c c0a0c8c4 c0a65980 c0124d3c 00000008 ee558520\nbf00: c094a23c c0a02080 00000000 c07a9910 ef136970 ef136970 ee30a440 ef136900\nbf20: ee30a440 00000001 ef136900 ee30a440 c016d990 00000000 c0108db0 c012500c\nbf40: ef136900 c016da14 ee30a464 ffffe000 00000001 c016dd14 00000000 c016db28\nbf60: ffffe000 ee21a080 ee30a400 00000000 ee32a000 ee30a440 c016dbfc ee25fd70\nbf80: ee21a09c c013edcc ee32a000 ee30a400 c013ec7c 00000000 00000000 00000000\nbfa0: 00000000 00000000 00000000 c0108470 00000000 00000000 00000000 00000000\nbfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\nbfe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000\n[\u003cc03b9430\u003e] (dql_completed) from [\u003cc04b5a18\u003e] (bgmac_poll+0x18c/0x6d8)\n[\u003cc04b5a18\u003e] (bgmac_poll) from [\u003cc0528744\u003e] (net_rx_action+0x1c4/0x494)\n[\u003cc0528744\u003e] (net_rx_action) from [\u003cc0124d3c\u003e] (do_current_softirqs+0x1ec/0x43c)\n[\u003cc0124d3c\u003e] (do_current_softirqs) from [\u003cc012500c\u003e] (__local_bh_enable+0x80/0x98)\n[\u003cc012500c\u003e] (__local_bh_enable) from [\u003cc016da14\u003e] (irq_forced_thread_fn+0x84/0x98)\n[\u003cc016da14\u003e] (irq_forced_thread_fn) from [\u003cc016dd14\u003e] (irq_thread+0x118/0x1c0)\n[\u003cc016dd14\u003e] (irq_thread) from [\u003cc013edcc\u003e] (kthread+0x150/0x158)\n[\u003cc013edcc\u003e] (kthread) from [\u003cc0108470\u003e] (ret_from_fork+0x14/0x24)\nCode: a83f15e0 0200001a 0630a0e1 c3ffffea (f201f0e7)\n\nThe issue seems similar to commit 90b3b339364c (\"net: hisilicon: Fix a BUG\ntrigered by wrong bytes_compl\") and potentially introduced by commit\nb38c83dd0866 (\"bgmac: simplify tx ring index handling\").\n\nIf there is an RX interrupt between setting ring-\u003eend\nand netdev_sent_queue() we can hit the BUG_ON as bgmac_dma_tx_free()\ncan miscalculate the queue size while called from bgmac_poll().\n\nThe machine which triggered the BUG runs a v4.14 RT kernel - but the issue\nseems present in mainline too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50062",
"url": "https://www.suse.com/security/cve/CVE-2022-50062"
},
{
"category": "external",
"summary": "SUSE Bug 1245028 for CVE-2022-50062",
"url": "https://bugzilla.suse.com/1245028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50062"
},
{
"cve": "CVE-2022-50065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: fix memory leak inside XPD_TX with mergeable\n\nWhen we call xdp_convert_buff_to_frame() to get xdpf, if it returns\nNULL, we should check if xdp_page was allocated by xdp_linearize_page().\nIf it is newly allocated, it should be freed here alone. Just like any\nother \"goto err_xdp\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50065",
"url": "https://www.suse.com/security/cve/CVE-2022-50065"
},
{
"category": "external",
"summary": "SUSE Bug 1244986 for CVE-2022-50065",
"url": "https://bugzilla.suse.com/1244986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50065"
},
{
"cve": "CVE-2022-50066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: fix aq_vec index out of range error\n\nThe final update statement of the for loop exceeds the array range, the\ndereference of self-\u003eaq_vec[i] is not checked and then leads to the\nindex out of range error.\nAlso fixed this kind of coding style in other for loop.\n\n[ 97.937604] UBSAN: array-index-out-of-bounds in drivers/net/ethernet/aquantia/atlantic/aq_nic.c:1404:48\n[ 97.937607] index 8 is out of range for type \u0027aq_vec_s *[8]\u0027\n[ 97.937608] CPU: 38 PID: 3767 Comm: kworker/u256:18 Not tainted 5.19.0+ #2\n[ 97.937610] Hardware name: Dell Inc. Precision 7865 Tower/, BIOS 1.0.0 06/12/2022\n[ 97.937611] Workqueue: events_unbound async_run_entry_fn\n[ 97.937616] Call Trace:\n[ 97.937617] \u003cTASK\u003e\n[ 97.937619] dump_stack_lvl+0x49/0x63\n[ 97.937624] dump_stack+0x10/0x16\n[ 97.937626] ubsan_epilogue+0x9/0x3f\n[ 97.937627] __ubsan_handle_out_of_bounds.cold+0x44/0x49\n[ 97.937629] ? __scm_send+0x348/0x440\n[ 97.937632] ? aq_vec_stop+0x72/0x80 [atlantic]\n[ 97.937639] aq_nic_stop+0x1b6/0x1c0 [atlantic]\n[ 97.937644] aq_suspend_common+0x88/0x90 [atlantic]\n[ 97.937648] aq_pm_suspend_poweroff+0xe/0x20 [atlantic]\n[ 97.937653] pci_pm_suspend+0x7e/0x1a0\n[ 97.937655] ? pci_pm_suspend_noirq+0x2b0/0x2b0\n[ 97.937657] dpm_run_callback+0x54/0x190\n[ 97.937660] __device_suspend+0x14c/0x4d0\n[ 97.937661] async_suspend+0x23/0x70\n[ 97.937663] async_run_entry_fn+0x33/0x120\n[ 97.937664] process_one_work+0x21f/0x3f0\n[ 97.937666] worker_thread+0x4a/0x3c0\n[ 97.937668] ? process_one_work+0x3f0/0x3f0\n[ 97.937669] kthread+0xf0/0x120\n[ 97.937671] ? kthread_complete_and_exit+0x20/0x20\n[ 97.937672] ret_from_fork+0x22/0x30\n[ 97.937676] \u003c/TASK\u003e\n\nv2. fixed \"warning: variable \u0027aq_vec\u0027 set but not used\"\n\nv3. simplified a for loop",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50066",
"url": "https://www.suse.com/security/cve/CVE-2022-50066"
},
{
"category": "external",
"summary": "SUSE Bug 1244985 for CVE-2022-50066",
"url": "https://bugzilla.suse.com/1244985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50066"
},
{
"cve": "CVE-2022-50067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50067"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: unset reloc control if transaction commit fails in prepare_to_relocate()\n\nIn btrfs_relocate_block_group(), the rc is allocated. Then\nbtrfs_relocate_block_group() calls\n\nrelocate_block_group()\n prepare_to_relocate()\n set_reloc_control()\n\nthat assigns rc to the variable fs_info-\u003ereloc_ctl. When\nprepare_to_relocate() returns, it calls\n\nbtrfs_commit_transaction()\n btrfs_start_dirty_block_groups()\n btrfs_alloc_path()\n kmem_cache_zalloc()\n\nwhich may fail for example (or other errors could happen). When the\nfailure occurs, btrfs_relocate_block_group() detects the error and frees\nrc and doesn\u0027t set fs_info-\u003ereloc_ctl to NULL. After that, in\nbtrfs_init_reloc_root(), rc is retrieved from fs_info-\u003ereloc_ctl and\nthen used, which may cause a use-after-free bug.\n\nThis possible bug can be triggered by calling btrfs_ioctl_balance()\nbefore calling btrfs_ioctl_defrag().\n\nTo fix this possible bug, in prepare_to_relocate(), check if\nbtrfs_commit_transaction() fails. If the failure occurs,\nunset_reloc_control() is called to set fs_info-\u003ereloc_ctl to NULL.\n\nThe error log in our fault-injection testing is shown as follows:\n\n [ 58.751070] BUG: KASAN: use-after-free in btrfs_init_reloc_root+0x7ca/0x920 [btrfs]\n ...\n [ 58.753577] Call Trace:\n ...\n [ 58.755800] kasan_report+0x45/0x60\n [ 58.756066] btrfs_init_reloc_root+0x7ca/0x920 [btrfs]\n [ 58.757304] record_root_in_trans+0x792/0xa10 [btrfs]\n [ 58.757748] btrfs_record_root_in_trans+0x463/0x4f0 [btrfs]\n [ 58.758231] start_transaction+0x896/0x2950 [btrfs]\n [ 58.758661] btrfs_defrag_root+0x250/0xc00 [btrfs]\n [ 58.759083] btrfs_ioctl_defrag+0x467/0xa00 [btrfs]\n [ 58.759513] btrfs_ioctl+0x3c95/0x114e0 [btrfs]\n ...\n [ 58.768510] Allocated by task 23683:\n [ 58.768777] ____kasan_kmalloc+0xb5/0xf0\n [ 58.769069] __kmalloc+0x227/0x3d0\n [ 58.769325] alloc_reloc_control+0x10a/0x3d0 [btrfs]\n [ 58.769755] btrfs_relocate_block_group+0x7aa/0x1e20 [btrfs]\n [ 58.770228] btrfs_relocate_chunk+0xf1/0x760 [btrfs]\n [ 58.770655] __btrfs_balance+0x1326/0x1f10 [btrfs]\n [ 58.771071] btrfs_balance+0x3150/0x3d30 [btrfs]\n [ 58.771472] btrfs_ioctl_balance+0xd84/0x1410 [btrfs]\n [ 58.771902] btrfs_ioctl+0x4caa/0x114e0 [btrfs]\n ...\n [ 58.773337] Freed by task 23683:\n ...\n [ 58.774815] kfree+0xda/0x2b0\n [ 58.775038] free_reloc_control+0x1d6/0x220 [btrfs]\n [ 58.775465] btrfs_relocate_block_group+0x115c/0x1e20 [btrfs]\n [ 58.775944] btrfs_relocate_chunk+0xf1/0x760 [btrfs]\n [ 58.776369] __btrfs_balance+0x1326/0x1f10 [btrfs]\n [ 58.776784] btrfs_balance+0x3150/0x3d30 [btrfs]\n [ 58.777185] btrfs_ioctl_balance+0xd84/0x1410 [btrfs]\n [ 58.777621] btrfs_ioctl+0x4caa/0x114e0 [btrfs]\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50067",
"url": "https://www.suse.com/security/cve/CVE-2022-50067"
},
{
"category": "external",
"summary": "SUSE Bug 1245047 for CVE-2022-50067",
"url": "https://bugzilla.suse.com/1245047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50067"
},
{
"cve": "CVE-2022-50068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ttm: Fix dummy res NULL ptr deref bug\n\nCheck the bo-\u003eresource value before accessing the resource\nmem_type.\n\nv2: Fix commit description unwrapped warning\n\n\u003clog snip\u003e\n[ 40.191227][ T184] general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN PTI\n[ 40.192995][ T184] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n[ 40.194411][ T184] CPU: 1 PID: 184 Comm: systemd-udevd Not tainted 5.19.0-rc4-00721-gb297c22b7070 #1\n[ 40.196063][ T184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014\n[ 40.199605][ T184] RIP: 0010:ttm_bo_validate+0x1b3/0x240 [ttm]\n[ 40.200754][ T184] Code: e8 72 c5 ff ff 83 f8 b8 74 d4 85 c0 75 54 49 8b 9e 58 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 10 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 04 3c 03 7e 44 8b 53 10 31 c0 85 d2 0f 85 58\n[ 40.203685][ T184] RSP: 0018:ffffc900006df0c8 EFLAGS: 00010202\n[ 40.204630][ T184] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffff1102f4bb71b\n[ 40.205864][ T184] RDX: 0000000000000002 RSI: ffffc900006df208 RDI: 0000000000000010\n[ 40.207102][ T184] RBP: 1ffff920000dbe1a R08: ffffc900006df208 R09: 0000000000000000\n[ 40.208394][ T184] R10: ffff88817a5f0000 R11: 0000000000000001 R12: ffffc900006df110\n[ 40.209692][ T184] R13: ffffc900006df0f0 R14: ffff88817a5db800 R15: ffffc900006df208\n[ 40.210862][ T184] FS: 00007f6b1d16e8c0(0000) GS:ffff88839d700000(0000) knlGS:0000000000000000\n[ 40.212250][ T184] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 40.213275][ T184] CR2: 000055a1001d4ff0 CR3: 00000001700f4000 CR4: 00000000000006e0\n[ 40.214469][ T184] Call Trace:\n[ 40.214974][ T184] \u003cTASK\u003e\n[ 40.215438][ T184] ? ttm_bo_bounce_temp_buffer+0x140/0x140 [ttm]\n[ 40.216572][ T184] ? mutex_spin_on_owner+0x240/0x240\n[ 40.217456][ T184] ? drm_vma_offset_add+0xaa/0x100 [drm]\n[ 40.218457][ T184] ttm_bo_init_reserved+0x3d6/0x540 [ttm]\n[ 40.219410][ T184] ? shmem_get_inode+0x744/0x980\n[ 40.220231][ T184] ttm_bo_init_validate+0xb1/0x200 [ttm]\n[ 40.221172][ T184] ? bo_driver_evict_flags+0x340/0x340 [drm_vram_helper]\n[ 40.222530][ T184] ? ttm_bo_init_reserved+0x540/0x540 [ttm]\n[ 40.223643][ T184] ? __do_sys_finit_module+0x11a/0x1c0\n[ 40.224654][ T184] ? __shmem_file_setup+0x102/0x280\n[ 40.234764][ T184] drm_gem_vram_create+0x305/0x480 [drm_vram_helper]\n[ 40.235766][ T184] ? bo_driver_evict_flags+0x340/0x340 [drm_vram_helper]\n[ 40.236846][ T184] ? __kasan_slab_free+0x108/0x180\n[ 40.237650][ T184] drm_gem_vram_fill_create_dumb+0x134/0x340 [drm_vram_helper]\n[ 40.238864][ T184] ? local_pci_probe+0xdf/0x180\n[ 40.239674][ T184] ? drmm_vram_helper_init+0x400/0x400 [drm_vram_helper]\n[ 40.240826][ T184] drm_client_framebuffer_create+0x19c/0x400 [drm]\n[ 40.241955][ T184] ? drm_client_buffer_delete+0x200/0x200 [drm]\n[ 40.243001][ T184] ? drm_client_pick_crtcs+0x554/0xb80 [drm]\n[ 40.244030][ T184] drm_fb_helper_generic_probe+0x23f/0x940 [drm_kms_helper]\n[ 40.245226][ T184] ? __cond_resched+0x1c/0xc0\n[ 40.245987][ T184] ? drm_fb_helper_memory_range_to_clip+0x180/0x180 [drm_kms_helper]\n[ 40.247316][ T184] ? mutex_unlock+0x80/0x100\n[ 40.248005][ T184] ? __mutex_unlock_slowpath+0x2c0/0x2c0\n[ 40.249083][ T184] drm_fb_helper_single_fb_probe+0x907/0xf00 [drm_kms_helper]\n[ 40.250314][ T184] ? drm_fb_helper_check_var+0x1180/0x1180 [drm_kms_helper]\n[ 40.251540][ T184] ? __cond_resched+0x1c/0xc0\n[ 40.252321][ T184] ? mutex_lock+0x9f/0x100\n[ 40.253062][ T184] __drm_fb_helper_initial_config_and_unlock+0xb9/0x2c0 [drm_kms_helper]\n[ 40.254394][ T184] drm_fbdev_client_hotplug+0x56f/0x840 [drm_kms_helper]\n[ 40.255477][ T184] drm_fbdev_generic_setup+0x165/0x3c0 [drm_kms_helper]\n[ 40.256607][ T184] bochs_pci_probe+0x6b7/0x900 [bochs]\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50068",
"url": "https://www.suse.com/security/cve/CVE-2022-50068"
},
{
"category": "external",
"summary": "SUSE Bug 1245142 for CVE-2022-50068",
"url": "https://bugzilla.suse.com/1245142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50068"
},
{
"cve": "CVE-2022-50072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4/pnfs: Fix a use-after-free bug in open\n\nIf someone cancels the open RPC call, then we must not try to free\neither the open slot or the layoutget operation arguments, since they\nare likely still in use by the hung RPC call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50072",
"url": "https://www.suse.com/security/cve/CVE-2022-50072"
},
{
"category": "external",
"summary": "SUSE Bug 1244979 for CVE-2022-50072",
"url": "https://bugzilla.suse.com/1244979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50072"
},
{
"cve": "CVE-2022-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tap: NULL pointer derefence in dev_parse_header_protocol when skb-\u003edev is null\n\nFixes a NULL pointer derefence bug triggered from tap driver.\nWhen tap_get_user calls virtio_net_hdr_to_skb the skb-\u003edev is null\n(in tap.c skb-\u003edev is set after the call to virtio_net_hdr_to_skb)\nvirtio_net_hdr_to_skb calls dev_parse_header_protocol which\nneeds skb-\u003edev field to be valid.\n\nThe line that trigers the bug is in dev_parse_header_protocol\n(dev is at offset 0x10 from skb and is stored in RAX register)\n if (!dev-\u003eheader_ops || !dev-\u003eheader_ops-\u003eparse_protocol)\n 22e1: mov 0x10(%rbx),%rax\n 22e5:\t mov 0x230(%rax),%rax\n\nSetting skb-\u003edev before the call in tap.c fixes the issue.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000230\nRIP: 0010:virtio_net_hdr_to_skb.constprop.0+0x335/0x410 [tap]\nCode: c0 0f 85 b7 fd ff ff eb d4 41 39 c6 77 cf 29 c6 48 89 df 44 01 f6 e8 7a 79 83 c1 48 85 c0 0f 85 d9 fd ff ff eb b7 48 8b 43 10 \u003c48\u003e 8b 80 30 02 00 00 48 85 c0 74 55 48 8b 40 28 48 85 c0 74 4c 48\nRSP: 0018:ffffc90005c27c38 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff888298f25300 RCX: 0000000000000010\nRDX: 0000000000000005 RSI: ffffc90005c27cb6 RDI: ffff888298f25300\nRBP: ffffc90005c27c80 R08: 00000000ffffffea R09: 00000000000007e8\nR10: ffff88858ec77458 R11: 0000000000000000 R12: 0000000000000001\nR13: 0000000000000014 R14: ffffc90005c27e08 R15: ffffc90005c27cb6\nFS: 0000000000000000(0000) GS:ffff88858ec40000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000230 CR3: 0000000281408006 CR4: 00000000003706e0\nCall Trace:\n tap_get_user+0x3f1/0x540 [tap]\n tap_sendmsg+0x56/0x362 [tap]\n ? get_tx_bufs+0xc2/0x1e0 [vhost_net]\n handle_tx_copy+0x114/0x670 [vhost_net]\n handle_tx+0xb0/0xe0 [vhost_net]\n handle_tx_kick+0x15/0x20 [vhost_net]\n vhost_worker+0x7b/0xc0 [vhost]\n ? vhost_vring_call_reset+0x40/0x40 [vhost]\n kthread+0xfa/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50073",
"url": "https://www.suse.com/security/cve/CVE-2022-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1244978 for CVE-2022-50073",
"url": "https://bugzilla.suse.com/1244978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50073"
},
{
"cve": "CVE-2022-50074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: Fix memleak in aa_simple_write_to_buffer()\n\nWhen copy_from_user failed, the memory is freed by kvfree. however the\nmanagement struct and data blob are allocated independently, so only\nkvfree(data) cause a memleak issue here. Use aa_put_loaddata(data) to\nfix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50074",
"url": "https://www.suse.com/security/cve/CVE-2022-50074"
},
{
"category": "external",
"summary": "SUSE Bug 1244965 for CVE-2022-50074",
"url": "https://bugzilla.suse.com/1244965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50074"
},
{
"cve": "CVE-2022-50076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix memory leak on the deferred close\n\nxfstests on smb21 report kmemleak as below:\n\n unreferenced object 0xffff8881767d6200 (size 64):\n comm \"xfs_io\", pid 1284, jiffies 4294777434 (age 20.789s)\n hex dump (first 32 bytes):\n 80 5a d0 11 81 88 ff ff 78 8a aa 63 81 88 ff ff .Z......x..c....\n 00 71 99 76 81 88 ff ff 00 00 00 00 00 00 00 00 .q.v............\n backtrace:\n [\u003c00000000ad04e6ea\u003e] cifs_close+0x92/0x2c0\n [\u003c0000000028b93c82\u003e] __fput+0xff/0x3f0\n [\u003c00000000d8116851\u003e] task_work_run+0x85/0xc0\n [\u003c0000000027e14f9e\u003e] do_exit+0x5e5/0x1240\n [\u003c00000000fb492b95\u003e] do_group_exit+0x58/0xe0\n [\u003c00000000129a32d9\u003e] __x64_sys_exit_group+0x28/0x30\n [\u003c00000000e3f7d8e9\u003e] do_syscall_64+0x35/0x80\n [\u003c00000000102e8a0b\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nWhen cancel the deferred close work, we should also cleanup the struct\ncifs_deferred_close.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50076",
"url": "https://www.suse.com/security/cve/CVE-2022-50076"
},
{
"category": "external",
"summary": "SUSE Bug 1244983 for CVE-2022-50076",
"url": "https://bugzilla.suse.com/1244983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50076"
},
{
"cve": "CVE-2022-50077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix reference count leak in aa_pivotroot()\n\nThe aa_pivotroot() function has a reference counting bug in a specific\npath. When aa_replace_current_label() returns on success, the function\nforgets to decrement the reference count of \"target\", which is\nincreased earlier by build_pivotroot(), causing a reference leak.\n\nFix it by decreasing the refcount of \"target\" in that path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50077",
"url": "https://www.suse.com/security/cve/CVE-2022-50077"
},
{
"category": "external",
"summary": "SUSE Bug 1244977 for CVE-2022-50077",
"url": "https://bugzilla.suse.com/1244977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50077"
},
{
"cve": "CVE-2022-50079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check correct bounds for stream encoder instances for DCN303\n\n[Why \u0026 How]\neng_id for DCN303 cannot be more than 1, since we have only two\ninstances of stream encoders.\n\nCheck the correct boundary condition for engine ID for DCN303 prevent\nthe potential out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50079",
"url": "https://www.suse.com/security/cve/CVE-2022-50079"
},
{
"category": "external",
"summary": "SUSE Bug 1244970 for CVE-2022-50079",
"url": "https://bugzilla.suse.com/1244970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50079"
},
{
"cve": "CVE-2022-50083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h\n\nWhen adding an xattr to an inode, we must ensure that the inode_size is\nnot less than EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. Otherwise,\nthe end position may be greater than the start position, resulting in UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50083",
"url": "https://www.suse.com/security/cve/CVE-2022-50083"
},
{
"category": "external",
"summary": "SUSE Bug 1244968 for CVE-2022-50083",
"url": "https://bugzilla.suse.com/1244968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50083"
},
{
"cve": "CVE-2022-50084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50084"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm raid: fix address sanitizer warning in raid_status\n\nThere is this warning when using a kernel with the address sanitizer\nand running this testsuite:\nhttps://gitlab.com/cki-project/kernel-tests/-/tree/main/storage/swraid/scsi_raid\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in raid_status+0x1747/0x2820 [dm_raid]\nRead of size 4 at addr ffff888079d2c7e8 by task lvcreate/13319\nCPU: 0 PID: 13319 Comm: lvcreate Not tainted 5.18.0-0.rc3.\u003csnip\u003e #1\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6a/0x9c\n print_address_description.constprop.0+0x1f/0x1e0\n print_report.cold+0x55/0x244\n kasan_report+0xc9/0x100\n raid_status+0x1747/0x2820 [dm_raid]\n dm_ima_measure_on_table_load+0x4b8/0xca0 [dm_mod]\n table_load+0x35c/0x630 [dm_mod]\n ctl_ioctl+0x411/0x630 [dm_mod]\n dm_ctl_ioctl+0xa/0x10 [dm_mod]\n __x64_sys_ioctl+0x12a/0x1a0\n do_syscall_64+0x5b/0x80\n\nThe warning is caused by reading conf-\u003emax_nr_stripes in raid_status. The\ncode in raid_status reads mddev-\u003eprivate, casts it to struct r5conf and\nreads the entry max_nr_stripes.\n\nHowever, if we have different raid type than 4/5/6, mddev-\u003eprivate\ndoesn\u0027t point to struct r5conf; it may point to struct r0conf, struct\nr1conf, struct r10conf or struct mpconf. If we cast a pointer to one\nof these structs to struct r5conf, we will be reading invalid memory\nand KASAN warns about it.\n\nFix this bug by reading struct r5conf only if raid type is 4, 5 or 6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50084",
"url": "https://www.suse.com/security/cve/CVE-2022-50084"
},
{
"category": "external",
"summary": "SUSE Bug 1245117 for CVE-2022-50084",
"url": "https://bugzilla.suse.com/1245117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50084"
},
{
"cve": "CVE-2022-50085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm raid: fix address sanitizer warning in raid_resume\n\nThere is a KASAN warning in raid_resume when running the lvm test\nlvconvert-raid.sh. The reason for the warning is that mddev-\u003eraid_disks\nis greater than rs-\u003eraid_disks, so the loop touches one entry beyond\nthe allocated length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50085",
"url": "https://www.suse.com/security/cve/CVE-2022-50085"
},
{
"category": "external",
"summary": "SUSE Bug 1245147 for CVE-2022-50085",
"url": "https://bugzilla.suse.com/1245147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50085"
},
{
"cve": "CVE-2022-50087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50087"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails\n\nWhen scpi probe fails, at any point, we need to ensure that the scpi_info\nis not set and will remain NULL until the probe succeeds. If it is not\ntaken care, then it could result use-after-free as the value is exported\nvia get_scpi_ops() and could refer to a memory allocated via devm_kzalloc()\nbut freed when the probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50087",
"url": "https://www.suse.com/security/cve/CVE-2022-50087"
},
{
"category": "external",
"summary": "SUSE Bug 1245119 for CVE-2022-50087",
"url": "https://bugzilla.suse.com/1245119"
},
{
"category": "external",
"summary": "SUSE Bug 1245294 for CVE-2022-50087",
"url": "https://bugzilla.suse.com/1245294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2022-50087"
},
{
"cve": "CVE-2022-50092",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50092"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm thin: fix use-after-free crash in dm_sm_register_threshold_callback\n\nFault inject on pool metadata device reports:\n BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80\n Read of size 8 at addr ffff8881b9d50068 by task dmsetup/950\n\n CPU: 7 PID: 950 Comm: dmsetup Tainted: G W 5.19.0-rc6 #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x34/0x44\n print_address_description.constprop.0.cold+0xeb/0x3f4\n kasan_report.cold+0xe6/0x147\n dm_pool_register_metadata_threshold+0x40/0x80\n pool_ctr+0xa0a/0x1150\n dm_table_add_target+0x2c8/0x640\n table_load+0x1fd/0x430\n ctl_ioctl+0x2c4/0x5a0\n dm_ctl_ioctl+0xa/0x10\n __x64_sys_ioctl+0xb3/0xd0\n do_syscall_64+0x35/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThis can be easily reproduced using:\n echo offline \u003e /sys/block/sda/device/state\n dd if=/dev/zero of=/dev/mapper/thin bs=4k count=10\n dmsetup load pool --table \"0 20971520 thin-pool /dev/sda /dev/sdb 128 0 0\"\n\nIf a metadata commit fails, the transaction will be aborted and the\nmetadata space maps will be destroyed. If a DM table reload then\nhappens for this failed thin-pool, a use-after-free will occur in\ndm_sm_register_threshold_callback (called from\ndm_pool_register_metadata_threshold).\n\nFix this by in dm_pool_register_metadata_threshold() by returning the\n-EINVAL error if the thin-pool is in fail mode. Also fail pool_ctr()\nwith a new error message: \"Error registering metadata threshold\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50092",
"url": "https://www.suse.com/security/cve/CVE-2022-50092"
},
{
"category": "external",
"summary": "SUSE Bug 1244848 for CVE-2022-50092",
"url": "https://bugzilla.suse.com/1244848"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50092"
},
{
"cve": "CVE-2022-50093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)\n\nKASAN reports:\n\n[ 4.668325][ T0] BUG: KASAN: wild-memory-access in dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226 include/asm-generic/bitops/instrumented-non-atomic.h:142 include/linux/nodemask.h:415 drivers/iommu/intel/dmar.c:497)\n[ 4.676149][ T0] Read of size 8 at addr 1fffffff85115558 by task swapper/0/0\n[ 4.683454][ T0]\n[ 4.685638][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.19.0-rc3-00004-g0e862838f290 #1\n[ 4.694331][ T0] Hardware name: Supermicro SYS-5018D-FN4T/X10SDV-8C-TLN4F, BIOS 1.1 03/02/2016\n[ 4.703196][ T0] Call Trace:\n[ 4.706334][ T0] \u003cTASK\u003e\n[ 4.709133][ T0] ? dmar_parse_one_rhsa (arch/x86/include/asm/bitops.h:214 arch/x86/include/asm/bitops.h:226 include/asm-generic/bitops/instrumented-non-atomic.h:142 include/linux/nodemask.h:415 drivers/iommu/intel/dmar.c:497)\n\nafter converting the type of the first argument (@nr, bit number)\nof arch_test_bit() from `long` to `unsigned long`[0].\n\nUnder certain conditions (for example, when ACPI NUMA is disabled\nvia command line), pxm_to_node() can return %NUMA_NO_NODE (-1).\nIt is valid \u0027magic\u0027 number of NUMA node, but not valid bit number\nto use in bitops.\nnode_online() eventually descends to test_bit() without checking\nfor the input, assuming it\u0027s on caller side (which might be good\nfor perf-critical tasks). There, -1 becomes %ULONG_MAX which leads\nto an insane array index when calculating bit position in memory.\n\nFor now, add an explicit check for @node being not %NUMA_NO_NODE\nbefore calling test_bit(). The actual logics didn\u0027t change here\nat all.\n\n[0] https://github.com/norov/linux/commit/0e862838f290147ea9c16db852d8d494b552d38d",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50093",
"url": "https://www.suse.com/security/cve/CVE-2022-50093"
},
{
"category": "external",
"summary": "SUSE Bug 1244849 for CVE-2022-50093",
"url": "https://bugzilla.suse.com/1244849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50093"
},
{
"cve": "CVE-2022-50094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n\ntrace_spmi_write_begin() and trace_spmi_read_end() both call\nmemcpy() with a length of \"len + 1\". This leads to one extra\nbyte being read beyond the end of the specified buffer. Fix\nthis out-of-bound memory access by using a length of \"len\"\ninstead.\n\nHere is a KASAN log showing the issue:\n\nBUG: KASAN: stack-out-of-bounds in trace_event_raw_event_spmi_read_end+0x1d0/0x234\nRead of size 2 at addr ffffffc0265b7540 by task thermal@2.0-ser/1314\n...\nCall trace:\n dump_backtrace+0x0/0x3e8\n show_stack+0x2c/0x3c\n dump_stack_lvl+0xdc/0x11c\n print_address_description+0x74/0x384\n kasan_report+0x188/0x268\n kasan_check_range+0x270/0x2b0\n memcpy+0x90/0xe8\n trace_event_raw_event_spmi_read_end+0x1d0/0x234\n spmi_read_cmd+0x294/0x3ac\n spmi_ext_register_readl+0x84/0x9c\n regmap_spmi_ext_read+0x144/0x1b0 [regmap_spmi]\n _regmap_raw_read+0x40c/0x754\n regmap_raw_read+0x3a0/0x514\n regmap_bulk_read+0x418/0x494\n adc5_gen3_poll_wait_hs+0xe8/0x1e0 [qcom_spmi_adc5_gen3]\n ...\n __arm64_sys_read+0x4c/0x60\n invoke_syscall+0x80/0x218\n el0_svc_common+0xec/0x1c8\n ...\n\naddr ffffffc0265b7540 is located in stack of task thermal@2.0-ser/1314 at offset 32 in frame:\n adc5_gen3_poll_wait_hs+0x0/0x1e0 [qcom_spmi_adc5_gen3]\n\nthis frame has 1 object:\n [32, 33) \u0027status\u0027\n\nMemory state around the buggy address:\n ffffffc0265b7400: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1\n ffffffc0265b7480: 04 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effffffc0265b7500: 00 00 00 00 f1 f1 f1 f1 01 f3 f3 f3 00 00 00 00\n ^\n ffffffc0265b7580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffffffc0265b7600: f1 f1 f1 f1 01 f2 07 f2 f2 f2 01 f3 00 00 00 00\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50094",
"url": "https://www.suse.com/security/cve/CVE-2022-50094"
},
{
"category": "external",
"summary": "SUSE Bug 1244851 for CVE-2022-50094",
"url": "https://bugzilla.suse.com/1244851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50094"
},
{
"cve": "CVE-2022-50095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-cpu-timers: Cleanup CPU timers before freeing them during exec\n\nCommit 55e8c8eb2c7b (\"posix-cpu-timers: Store a reference to a pid not a\ntask\") started looking up tasks by PID when deleting a CPU timer.\n\nWhen a non-leader thread calls execve, it will switch PIDs with the leader\nprocess. Then, as it calls exit_itimers, posix_cpu_timer_del cannot find\nthe task because the timer still points out to the old PID.\n\nThat means that armed timers won\u0027t be disarmed, that is, they won\u0027t be\nremoved from the timerqueue_list. exit_itimers will still release their\nmemory, and when that list is later processed, it leads to a\nuse-after-free.\n\nClean up the timers from the de-threaded task before freeing them. This\nprevents a reported use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50095",
"url": "https://www.suse.com/security/cve/CVE-2022-50095"
},
{
"category": "external",
"summary": "SUSE Bug 1244846 for CVE-2022-50095",
"url": "https://bugzilla.suse.com/1244846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50095"
},
{
"cve": "CVE-2022-50097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: s3fb: Check the size of screen before memset_io()\n\nIn the function s3fb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 54.083733] BUG: unable to handle page fault for address: ffffc90003000000\n[ 54.083742] #PF: supervisor write access in kernel mode\n[ 54.083744] #PF: error_code(0x0002) - not-present page\n[ 54.083760] RIP: 0010:memset_orig+0x33/0xb0\n[ 54.083782] Call Trace:\n[ 54.083788] s3fb_set_par+0x1ec6/0x4040\n[ 54.083806] fb_set_var+0x604/0xeb0\n[ 54.083836] do_fb_ioctl+0x234/0x670\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50097",
"url": "https://www.suse.com/security/cve/CVE-2022-50097"
},
{
"category": "external",
"summary": "SUSE Bug 1244845 for CVE-2022-50097",
"url": "https://bugzilla.suse.com/1244845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50097"
},
{
"cve": "CVE-2022-50098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts\n\nEnsure SRB is returned during I/O timeout error escalation. If that is not\npossible fail the escalation path.\n\nFollowing crash stack was seen:\n\nBUG: unable to handle kernel paging request at 0000002f56aa90f8\nIP: qla_chk_edif_rx_sa_delete_pending+0x14/0x30 [qla2xxx]\nCall Trace:\n ? qla2x00_status_entry+0x19f/0x1c50 [qla2xxx]\n ? qla2x00_start_sp+0x116/0x1170 [qla2xxx]\n ? dma_pool_alloc+0x1d6/0x210\n ? mempool_alloc+0x54/0x130\n ? qla24xx_process_response_queue+0x548/0x12b0 [qla2xxx]\n ? qla_do_work+0x2d/0x40 [qla2xxx]\n ? process_one_work+0x14c/0x390",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50098",
"url": "https://www.suse.com/security/cve/CVE-2022-50098"
},
{
"category": "external",
"summary": "SUSE Bug 1244841 for CVE-2022-50098",
"url": "https://bugzilla.suse.com/1244841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50098"
},
{
"cve": "CVE-2022-50099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Check the size of screen before memset_io()\n\nIn the function arkfb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 659.399066] BUG: unable to handle page fault for address: ffffc90003000000\n[ 659.399077] #PF: supervisor write access in kernel mode\n[ 659.399079] #PF: error_code(0x0002) - not-present page\n[ 659.399094] RIP: 0010:memset_orig+0x33/0xb0\n[ 659.399116] Call Trace:\n[ 659.399122] arkfb_set_par+0x143f/0x24c0\n[ 659.399130] fb_set_var+0x604/0xeb0\n[ 659.399161] do_fb_ioctl+0x234/0x670\n[ 659.399189] fb_ioctl+0xdd/0x130\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50099",
"url": "https://www.suse.com/security/cve/CVE-2022-50099"
},
{
"category": "external",
"summary": "SUSE Bug 1244842 for CVE-2022-50099",
"url": "https://bugzilla.suse.com/1244842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50099"
},
{
"cve": "CVE-2022-50100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Do not requeue task on CPU excluded from cpus_mask\n\nThe following warning was triggered on a large machine early in boot on\na distribution kernel but the same problem should also affect mainline.\n\n WARNING: CPU: 439 PID: 10 at ../kernel/workqueue.c:2231 process_one_work+0x4d/0x440\n Call Trace:\n \u003cTASK\u003e\n rescuer_thread+0x1f6/0x360\n kthread+0x156/0x180\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\nCommit c6e7bd7afaeb (\"sched/core: Optimize ttwu() spinning on p-\u003eon_cpu\")\noptimises ttwu by queueing a task that is descheduling on the wakelist,\nbut does not check if the task descheduling is still allowed to run on that CPU.\n\nIn this warning, the problematic task is a workqueue rescue thread which\nchecks if the rescue is for a per-cpu workqueue and running on the wrong CPU.\nWhile this is early in boot and it should be possible to create workers,\nthe rescue thread may still used if the MAYDAY_INITIAL_TIMEOUT is reached\nor MAYDAY_INTERVAL and on a sufficiently large machine, the rescue\nthread is being used frequently.\n\nTracing confirmed that the task should have migrated properly using the\nstopper thread to handle the migration. However, a parallel wakeup from udev\nrunning on another CPU that does not share CPU cache observes p-\u003eon_cpu and\nuses task_cpu(p), queues the task on the old CPU and triggers the warning.\n\nCheck that the wakee task that is descheduling is still allowed to run\non its current CPU and if not, wait for the descheduling to complete\nand select an allowed CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50100",
"url": "https://www.suse.com/security/cve/CVE-2022-50100"
},
{
"category": "external",
"summary": "SUSE Bug 1244843 for CVE-2022-50100",
"url": "https://bugzilla.suse.com/1244843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50100"
},
{
"cve": "CVE-2022-50101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: vt8623fb: Check the size of screen before memset_io()\n\nIn the function vt8623fb_set_par(), the value of \u0027screen_size\u0027 is\ncalculated by the user input. If the user provides the improper value,\nthe value of \u0027screen_size\u0027 may larger than \u0027info-\u003escreen_size\u0027, which\nmay cause the following bug:\n\n[ 583.339036] BUG: unable to handle page fault for address: ffffc90005000000\n[ 583.339049] #PF: supervisor write access in kernel mode\n[ 583.339052] #PF: error_code(0x0002) - not-present page\n[ 583.339074] RIP: 0010:memset_orig+0x33/0xb0\n[ 583.339110] Call Trace:\n[ 583.339118] vt8623fb_set_par+0x11cd/0x21e0\n[ 583.339146] fb_set_var+0x604/0xeb0\n[ 583.339181] do_fb_ioctl+0x234/0x670\n[ 583.339209] fb_ioctl+0xdd/0x130\n\nFix the this by checking the value of \u0027screen_size\u0027 before memset_io().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50101",
"url": "https://www.suse.com/security/cve/CVE-2022-50101"
},
{
"category": "external",
"summary": "SUSE Bug 1244839 for CVE-2022-50101",
"url": "https://bugzilla.suse.com/1244839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50101"
},
{
"cve": "CVE-2022-50102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n\nSince the user can control the arguments of the ioctl() from the user\nspace, under special arguments that may result in a divide-by-zero bug\nin:\n drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info-\u003evar.pixclock) / hmul);\nwith hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0.\nand then in:\n drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par-\u003edac, 0, 1000000000 / pixclock);\nwe\u0027ll get a division-by-zero.\n\nThe following log can reveal it:\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN PTI\nRIP: 0010:ark_set_pixclock drivers/video/fbdev/arkfb.c:504 [inline]\nRIP: 0010:arkfb_set_par+0x10fc/0x24c0 drivers/video/fbdev/arkfb.c:784\nCall Trace:\n fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189\n\nFix this by checking the argument of ark_set_pixclock() first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50102",
"url": "https://www.suse.com/security/cve/CVE-2022-50102"
},
{
"category": "external",
"summary": "SUSE Bug 1244838 for CVE-2022-50102",
"url": "https://bugzilla.suse.com/1244838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50102"
},
{
"cve": "CVE-2022-50103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched, cpuset: Fix dl_cpu_busy() panic due to empty cs-\u003ecpus_allowed\n\nWith cgroup v2, the cpuset\u0027s cpus_allowed mask can be empty indicating\nthat the cpuset will just use the effective CPUs of its parent. So\ncpuset_can_attach() can call task_can_attach() with an empty mask.\nThis can lead to cpumask_any_and() returns nr_cpu_ids causing the call\nto dl_bw_of() to crash due to percpu value access of an out of bound\nCPU value. For example:\n\n\t[80468.182258] BUG: unable to handle page fault for address: ffffffff8b6648b0\n\t :\n\t[80468.191019] RIP: 0010:dl_cpu_busy+0x30/0x2b0\n\t :\n\t[80468.207946] Call Trace:\n\t[80468.208947] cpuset_can_attach+0xa0/0x140\n\t[80468.209953] cgroup_migrate_execute+0x8c/0x490\n\t[80468.210931] cgroup_update_dfl_csses+0x254/0x270\n\t[80468.211898] cgroup_subtree_control_write+0x322/0x400\n\t[80468.212854] kernfs_fop_write_iter+0x11c/0x1b0\n\t[80468.213777] new_sync_write+0x11f/0x1b0\n\t[80468.214689] vfs_write+0x1eb/0x280\n\t[80468.215592] ksys_write+0x5f/0xe0\n\t[80468.216463] do_syscall_64+0x5c/0x80\n\t[80468.224287] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nFix that by using effective_cpus instead. For cgroup v1, effective_cpus\nis the same as cpus_allowed. For v2, effective_cpus is the real cpumask\nto be used by tasks within the cpuset anyway.\n\nAlso update task_can_attach()\u0027s 2nd argument name to cs_effective_cpus to\nreflect the change. In addition, a check is added to task_can_attach()\nto guard against the possibility that cpumask_any_and() may return a\nvalue \u003e= nr_cpu_ids.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50103",
"url": "https://www.suse.com/security/cve/CVE-2022-50103"
},
{
"category": "external",
"summary": "SUSE Bug 1244840 for CVE-2022-50103",
"url": "https://bugzilla.suse.com/1244840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50103"
},
{
"cve": "CVE-2022-50104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/xive: Fix refcount leak in xive_get_max_prio\n\nof_find_node_by_path() returns a node pointer with\nrefcount incremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50104",
"url": "https://www.suse.com/security/cve/CVE-2022-50104"
},
{
"category": "external",
"summary": "SUSE Bug 1244836 for CVE-2022-50104",
"url": "https://bugzilla.suse.com/1244836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50104"
},
{
"cve": "CVE-2022-50108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: max77620: Fix refcount leak in max77620_initialise_fps\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50108",
"url": "https://www.suse.com/security/cve/CVE-2022-50108"
},
{
"category": "external",
"summary": "SUSE Bug 1244834 for CVE-2022-50108",
"url": "https://bugzilla.suse.com/1244834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50108"
},
{
"cve": "CVE-2022-50109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: amba-clcd: Fix refcount leak bugs\n\nIn clcdfb_of_init_display(), we should call of_node_put() for the\nreferences returned by of_graph_get_next_endpoint() and\nof_graph_get_remote_port_parent() which have increased the refcount.\n\nBesides, we should call of_node_put() both in fail path or when\nthe references are not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50109",
"url": "https://www.suse.com/security/cve/CVE-2022-50109"
},
{
"category": "external",
"summary": "SUSE Bug 1244884 for CVE-2022-50109",
"url": "https://bugzilla.suse.com/1244884"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50109"
},
{
"cve": "CVE-2022-50110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource\n\nUnlike release_mem_region(), a call to release_resource() does not\nfree the resource, so it has to be freed explicitly to avoid a memory\nleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50110",
"url": "https://www.suse.com/security/cve/CVE-2022-50110"
},
{
"category": "external",
"summary": "SUSE Bug 1244830 for CVE-2022-50110",
"url": "https://bugzilla.suse.com/1244830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50110"
},
{
"cve": "CVE-2022-50111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mt6359: Fix refcount leak bug\n\nIn mt6359_parse_dt() and mt6359_accdet_parse_dt(), we should call\nof_node_put() for the reference returned by of_get_child_by_name()\nwhich has increased the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50111",
"url": "https://www.suse.com/security/cve/CVE-2022-50111"
},
{
"category": "external",
"summary": "SUSE Bug 1244831 for CVE-2022-50111",
"url": "https://bugzilla.suse.com/1244831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50111"
},
{
"cve": "CVE-2022-50112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50112",
"url": "https://www.suse.com/security/cve/CVE-2022-50112"
},
{
"category": "external",
"summary": "SUSE Bug 1244832 for CVE-2022-50112",
"url": "https://bugzilla.suse.com/1244832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50112"
},
{
"cve": "CVE-2022-50116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix deadlock and link starvation in outgoing data path\n\nThe current implementation queues up new control and user packets as needed\nand processes this queue down to the ldisc in the same code path.\nThat means that the upper and the lower layer are hard coupled in the code.\nDue to this deadlocks can happen as seen below while transmitting data,\nespecially during ldisc congestion. Furthermore, the data channels starve\nthe control channel on high transmission load on the ldisc.\n\nIntroduce an additional control channel data queue to prevent timeouts and\nlink hangups during ldisc congestion. This is being processed before the\nuser channel data queue in gsm_data_kick(), i.e. with the highest priority.\nPut the queue to ldisc data path into a workqueue and trigger it whenever\nnew data has been put into the transmission queue. Change\ngsm_dlci_data_sweep() accordingly to fill up the transmission queue until\nTX_THRESH_HI. This solves the locking issue, keeps latency low and provides\ngood performance on high data load.\nNote that now all packets from a DLCI are removed from the internal queue\nif the associated DLCI was closed. This ensures that no data is sent by the\nintroduced write task to an already closed DLCI.\n\nBUG: spinlock recursion on CPU#0, test_v24_loop/124\n lock: serial8250_ports+0x3a8/0x7500, .magic: dead4ead, .owner: test_v24_loop/124, .owner_cpu: 0\nCPU: 0 PID: 124 Comm: test_v24_loop Tainted: G O 5.18.0-rc2 #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x34/0x44\n do_raw_spin_lock+0x76/0xa0\n _raw_spin_lock_irqsave+0x72/0x80\n uart_write_room+0x3b/0xc0\n gsm_data_kick+0x14b/0x240 [n_gsm]\n gsmld_write_wakeup+0x35/0x70 [n_gsm]\n tty_wakeup+0x53/0x60\n tty_port_default_wakeup+0x1b/0x30\n serial8250_tx_chars+0x12f/0x220\n serial8250_handle_irq.part.0+0xfe/0x150\n serial8250_default_handle_irq+0x48/0x80\n serial8250_interrupt+0x56/0xa0\n __handle_irq_event_percpu+0x78/0x1f0\n handle_irq_event+0x34/0x70\n handle_fasteoi_irq+0x90/0x1e0\n __common_interrupt+0x69/0x100\n common_interrupt+0x48/0xc0\n asm_common_interrupt+0x1e/0x40\nRIP: 0010:__do_softirq+0x83/0x34e\nCode: 2a 0a ff 0f b7 ed c7 44 24 10 0a 00 00 00 48 c7 c7 51 2a 64 82 e8 2d\ne2 d5 ff 65 66 c7 05 83 af 1e 7e 00 00 fb b8 ff ff ff ff \u003c49\u003e c7 c2 40 61\n80 82 0f bc c5 41 89 c4 41 83 c4 01 0f 84 e6 00 00\nRSP: 0018:ffffc90000003f98 EFLAGS: 00000286\nRAX: 00000000ffffffff RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff82642a51 RDI: ffffffff825bb5e7\nRBP: 0000000000000200 R08: 00000008de3271a8 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000030 R14: 0000000000000000 R15: 0000000000000000\n ? __do_softirq+0x73/0x34e\n irq_exit_rcu+0xb5/0x100\n common_interrupt+0xa4/0xc0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x1e/0x40\nRIP: 0010:_raw_spin_unlock_irqrestore+0x2e/0x50\nCode: 00 55 48 89 fd 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 85 28 36 ff\n48 89 ef e8 cd 58 36 ff 80 e7 02 74 01 fb bf 01 00 00 00 \u003ce8\u003e 3d 97 33 ff\n65 8b 05 96 23 2b 7e 85 c0 74 03 5b 5d c3 0f 1f 44\nRSP: 0018:ffffc9000020fd08 EFLAGS: 00000202\nRAX: 0000000000000000 RBX: 0000000000000246 RCX: 0000000000000000\nRDX: 0000000000000004 RSI: ffffffff8257fd74 RDI: 0000000000000001\nRBP: ffff8880057de3a0 R08: 00000008de233000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000100 R14: 0000000000000202 R15: ffff8880057df0b8\n ? _raw_spin_unlock_irqrestore+0x23/0x50\n gsmtty_write+0x65/0x80 [n_gsm]\n n_tty_write+0x33f/0x530\n ? swake_up_all+0xe0/0xe0\n file_tty_write.constprop.0+0x1b1/0x320\n ? n_tty_flush_buffer+0xb0/0xb0\n new_sync_write+0x10c/0x190\n vfs_write+0x282/0x310\n ksys_write+0x68/0xe0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f3e5e35c15c\nCode: 8b 7c 24 08 89 c5 e8 c5 ff ff ff 89 ef 89 44 24\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50116",
"url": "https://www.suse.com/security/cve/CVE-2022-50116"
},
{
"category": "external",
"summary": "SUSE Bug 1244824 for CVE-2022-50116",
"url": "https://bugzilla.suse.com/1244824"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50116"
},
{
"cve": "CVE-2022-50118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable\n\ncommit 2c9ac51b850d (\"powerpc/perf: Fix PMU callbacks to clear\npending PMI before resetting an overflown PMC\") added a new\nfunction \"pmi_irq_pending\" in hw_irq.h. This function is to check\nif there is a PMI marked as pending in Paca (PACA_IRQ_PMI).This is\nused in power_pmu_disable in a WARN_ON. The intention here is to\nprovide a warning if there is PMI pending, but no counter is found\noverflown.\n\nDuring some of the perf runs, below warning is hit:\n\nWARNING: CPU: 36 PID: 0 at arch/powerpc/perf/core-book3s.c:1332 power_pmu_disable+0x25c/0x2c0\n Modules linked in:\n -----\n\n NIP [c000000000141c3c] power_pmu_disable+0x25c/0x2c0\n LR [c000000000141c8c] power_pmu_disable+0x2ac/0x2c0\n Call Trace:\n [c000000baffcfb90] [c000000000141c8c] power_pmu_disable+0x2ac/0x2c0 (unreliable)\n [c000000baffcfc10] [c0000000003e2f8c] perf_pmu_disable+0x4c/0x60\n [c000000baffcfc30] [c0000000003e3344] group_sched_out.part.124+0x44/0x100\n [c000000baffcfc80] [c0000000003e353c] __perf_event_disable+0x13c/0x240\n [c000000baffcfcd0] [c0000000003dd334] event_function+0xc4/0x140\n [c000000baffcfd20] [c0000000003d855c] remote_function+0x7c/0xa0\n [c000000baffcfd50] [c00000000026c394] flush_smp_call_function_queue+0xd4/0x300\n [c000000baffcfde0] [c000000000065b24] smp_ipi_demux_relaxed+0xa4/0x100\n [c000000baffcfe20] [c0000000000cb2b0] xive_muxed_ipi_action+0x20/0x40\n [c000000baffcfe40] [c000000000207c3c] __handle_irq_event_percpu+0x8c/0x250\n [c000000baffcfee0] [c000000000207e2c] handle_irq_event_percpu+0x2c/0xa0\n [c000000baffcff10] [c000000000210a04] handle_percpu_irq+0x84/0xc0\n [c000000baffcff40] [c000000000205f14] generic_handle_irq+0x54/0x80\n [c000000baffcff60] [c000000000015740] __do_irq+0x90/0x1d0\n [c000000baffcff90] [c000000000016990] __do_IRQ+0xc0/0x140\n [c0000009732f3940] [c000000bafceaca8] 0xc000000bafceaca8\n [c0000009732f39d0] [c000000000016b78] do_IRQ+0x168/0x1c0\n [c0000009732f3a00] [c0000000000090c8] hardware_interrupt_common_virt+0x218/0x220\n\nThis means that there is no PMC overflown among the active events\nin the PMU, but there is a PMU pending in Paca. The function\n\"any_pmc_overflown\" checks the PMCs on active events in\ncpuhw-\u003en_events. Code snippet:\n\n\u003c\u003c\u003e\u003e\nif (any_pmc_overflown(cpuhw))\n \tclear_pmi_irq_pending();\n else\n \tWARN_ON(pmi_irq_pending());\n\u003c\u003c\u003e\u003e\n\nHere the PMC overflown is not from active event. Example: When we do\nperf record, default cycles and instructions will be running on PMC6\nand PMC5 respectively. It could happen that overflowed event is currently\nnot active and pending PMI is for the inactive event. Debug logs from\ntrace_printk:\n\n\u003c\u003c\u003e\u003e\nany_pmc_overflown: idx is 5: pmc value is 0xd9a\npower_pmu_disable: PMC1: 0x0, PMC2: 0x0, PMC3: 0x0, PMC4: 0x0, PMC5: 0xd9a, PMC6: 0x80002011\n\u003c\u003c\u003e\u003e\n\nHere active PMC (from idx) is PMC5 , but overflown PMC is PMC6(0x80002011).\nWhen we handle PMI interrupt for such cases, if the PMC overflown is\nfrom inactive event, it will be ignored. Reference commit:\ncommit bc09c219b2e6 (\"powerpc/perf: Fix finding overflowed PMC in interrupt\")\n\nPatch addresses two changes:\n1) Fix 1 : Removal of warning ( WARN_ON(pmi_irq_pending()); )\n We were printing warning if no PMC is found overflown among active PMU\n events, but PMI pending in PACA. But this could happen in cases where\n PMC overflown is not in active PMC. An inactive event could have caused\n the overflow. Hence the warning is not needed. To know pending PMI is\n from an inactive event, we need to loop through all PMC\u0027s which will\n cause more SPR reads via mfspr and increase in context switch. Also in\n existing function: perf_event_interrupt, already we ignore PMI\u0027s\n overflown when it is from an inactive PMC.\n\n2) Fix 2: optimization in clearing pending PMI.\n Currently we check for any active PMC overflown before clearing PMI\n pending in Paca. This is causing additional SP\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50118",
"url": "https://www.suse.com/security/cve/CVE-2022-50118"
},
{
"category": "external",
"summary": "SUSE Bug 1244825 for CVE-2022-50118",
"url": "https://bugzilla.suse.com/1244825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50118"
},
{
"cve": "CVE-2022-50120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: imx_rproc: Fix refcount leak in imx_rproc_addr_init\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not needed anymore.\nThis function has two paths missing of_node_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50120",
"url": "https://www.suse.com/security/cve/CVE-2022-50120"
},
{
"category": "external",
"summary": "SUSE Bug 1244819 for CVE-2022-50120",
"url": "https://bugzilla.suse.com/1244819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50120"
},
{
"cve": "CVE-2022-50121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50121"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference count of the previous node.\nWhen breaking early from a for_each_available_child_of_node() loop,\nwe need to explicitly call of_node_put() on the child node.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50121",
"url": "https://www.suse.com/security/cve/CVE-2022-50121"
},
{
"category": "external",
"summary": "SUSE Bug 1244823 for CVE-2022-50121",
"url": "https://bugzilla.suse.com/1244823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50121"
},
{
"cve": "CVE-2022-50124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50124",
"url": "https://www.suse.com/security/cve/CVE-2022-50124"
},
{
"category": "external",
"summary": "SUSE Bug 1244816 for CVE-2022-50124",
"url": "https://bugzilla.suse.com/1244816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50124"
},
{
"cve": "CVE-2022-50125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50125",
"url": "https://www.suse.com/security/cve/CVE-2022-50125"
},
{
"category": "external",
"summary": "SUSE Bug 1244814 for CVE-2022-50125",
"url": "https://bugzilla.suse.com/1244814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50125"
},
{
"cve": "CVE-2022-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: fix assertion \u0027jh-\u003eb_frozen_data == NULL\u0027 failure when journal aborted\n\nFollowing process will fail assertion \u0027jh-\u003eb_frozen_data == NULL\u0027 in\njbd2_journal_dirty_metadata():\n\n jbd2_journal_commit_transaction\nunlink(dir/a)\n jh-\u003eb_transaction = trans1\n jh-\u003eb_jlist = BJ_Metadata\n journal-\u003ej_running_transaction = NULL\n trans1-\u003et_state = T_COMMIT\nunlink(dir/b)\n handle-\u003eh_trans = trans2\n do_get_write_access\n jh-\u003eb_modified = 0\n jh-\u003eb_frozen_data = frozen_buffer\n jh-\u003eb_next_transaction = trans2\n jbd2_journal_dirty_metadata\n is_handle_aborted\n is_journal_aborted // return false\n\n --\u003e jbd2 abort \u003c--\n\n while (commit_transaction-\u003et_buffers)\n if (is_journal_aborted)\n jbd2_journal_refile_buffer\n __jbd2_journal_refile_buffer\n WRITE_ONCE(jh-\u003eb_transaction,\n\t\t\t\t\t\tjh-\u003eb_next_transaction)\n WRITE_ONCE(jh-\u003eb_next_transaction, NULL)\n __jbd2_journal_file_buffer(jh, BJ_Reserved)\n J_ASSERT_JH(jh, jh-\u003eb_frozen_data == NULL) // assertion failure !\n\nThe reproducer (See detail in [Link]) reports:\n ------------[ cut here ]------------\n kernel BUG at fs/jbd2/transaction.c:1629!\n invalid opcode: 0000 [#1] PREEMPT SMP\n CPU: 2 PID: 584 Comm: unlink Tainted: G W\n 5.19.0-rc6-00115-g4a57a8400075-dirty #697\n RIP: 0010:jbd2_journal_dirty_metadata+0x3c5/0x470\n RSP: 0018:ffffc90000be7ce0 EFLAGS: 00010202\n Call Trace:\n \u003cTASK\u003e\n __ext4_handle_dirty_metadata+0xa0/0x290\n ext4_handle_dirty_dirblock+0x10c/0x1d0\n ext4_delete_entry+0x104/0x200\n __ext4_unlink+0x22b/0x360\n ext4_unlink+0x275/0x390\n vfs_unlink+0x20b/0x4c0\n do_unlinkat+0x42f/0x4c0\n __x64_sys_unlink+0x37/0x50\n do_syscall_64+0x35/0x80\n\nAfter journal aborting, __jbd2_journal_refile_buffer() is executed with\nholding @jh-\u003eb_state_lock, we can fix it by moving \u0027is_handle_aborted()\u0027\ninto the area protected by @jh-\u003eb_state_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50126",
"url": "https://www.suse.com/security/cve/CVE-2022-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1244813 for CVE-2022-50126",
"url": "https://bugzilla.suse.com/1244813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50126"
},
{
"cve": "CVE-2022-50127",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50127"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix error unwind in rxe_create_qp()\n\nIn the function rxe_create_qp(), rxe_qp_from_init() is called to\ninitialize qp, internally things like the spin locks are not setup until\nrxe_qp_init_req().\n\nIf an error occures before this point then the unwind will call\nrxe_cleanup() and eventually to rxe_qp_do_cleanup()/rxe_cleanup_task()\nwhich will oops when trying to access the uninitialized spinlock.\n\nMove the spinlock initializations earlier before any failures.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50127",
"url": "https://www.suse.com/security/cve/CVE-2022-50127"
},
{
"category": "external",
"summary": "SUSE Bug 1244815 for CVE-2022-50127",
"url": "https://bugzilla.suse.com/1244815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50127"
},
{
"cve": "CVE-2022-50129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/srpt: Fix a use-after-free\n\nChange the LIO port members inside struct srpt_port from regular members\ninto pointers. Allocate the LIO port data structures from inside\nsrpt_make_tport() and free these from inside srpt_make_tport(). Keep\nstruct srpt_device as long as either an RDMA port or a LIO target port is\nassociated with it. This patch decouples the lifetime of struct srpt_port\n(controlled by the RDMA core) and struct srpt_port_id (controlled by LIO).\nThis patch fixes the following KASAN complaint:\n\n BUG: KASAN: use-after-free in srpt_enable_tpg+0x31/0x70 [ib_srpt]\n Read of size 8 at addr ffff888141cc34b8 by task check/5093\n\n Call Trace:\n \u003cTASK\u003e\n show_stack+0x4e/0x53\n dump_stack_lvl+0x51/0x66\n print_address_description.constprop.0.cold+0xea/0x41e\n print_report.cold+0x90/0x205\n kasan_report+0xb9/0xf0\n __asan_load8+0x69/0x90\n srpt_enable_tpg+0x31/0x70 [ib_srpt]\n target_fabric_tpg_base_enable_store+0xe2/0x140 [target_core_mod]\n configfs_write_iter+0x18b/0x210\n new_sync_write+0x1f2/0x2f0\n vfs_write+0x3e3/0x540\n ksys_write+0xbb/0x140\n __x64_sys_write+0x42/0x50\n do_syscall_64+0x34/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50129",
"url": "https://www.suse.com/security/cve/CVE-2022-50129"
},
{
"category": "external",
"summary": "SUSE Bug 1244811 for CVE-2022-50129",
"url": "https://bugzilla.suse.com/1244811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50129"
},
{
"cve": "CVE-2022-50131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: mcp2221: prevent a buffer overflow in mcp_smbus_write()\n\nSmatch Warning:\ndrivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error: __memcpy()\n\u0027\u0026mcp-\u003etxbuf[5]\u0027 too small (59 vs 255)\ndrivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error: __memcpy() \u0027buf\u0027\ntoo small (34 vs 255)\n\nThe \u0027len\u0027 variable can take a value between 0-255 as it can come from\ndata-\u003eblock[0] and it is user data. So add an bound check to prevent a\nbuffer overflow in memcpy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50131",
"url": "https://www.suse.com/security/cve/CVE-2022-50131"
},
{
"category": "external",
"summary": "SUSE Bug 1244807 for CVE-2022-50131",
"url": "https://bugzilla.suse.com/1244807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50131"
},
{
"cve": "CVE-2022-50132",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50132"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: change place of \u0027priv_ep\u0027 assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable()\n\nIf \u0027ep\u0027 is NULL, result of ep_to_cdns3_ep(ep) is invalid pointer\nand its dereference with priv_ep-\u003ecdns3_dev may cause panic.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50132",
"url": "https://www.suse.com/security/cve/CVE-2022-50132"
},
{
"category": "external",
"summary": "SUSE Bug 1244808 for CVE-2022-50132",
"url": "https://bugzilla.suse.com/1244808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50132"
},
{
"cve": "CVE-2022-50134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50134"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hfi1: fix potential memory leak in setup_base_ctxt()\n\nsetup_base_ctxt() allocates a memory chunk for uctxt-\u003egroups with\nhfi1_alloc_ctxt_rcv_groups(). When init_user_ctxt() fails, uctxt-\u003egroups\nis not released, which will lead to a memory leak.\n\nWe should release the uctxt-\u003egroups with hfi1_free_ctxt_rcv_groups()\nwhen init_user_ctxt() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50134",
"url": "https://www.suse.com/security/cve/CVE-2022-50134"
},
{
"category": "external",
"summary": "SUSE Bug 1244802 for CVE-2022-50134",
"url": "https://bugzilla.suse.com/1244802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50134"
},
{
"cve": "CVE-2022-50136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event\n\nIf siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn\u0027t\nbeen received completely, and should not report IW_CM_EVENT_CONNECT_REPLY\nin this case. This may trigger a call trace in iw_cm. A simple way to\ntrigger this:\n server: ib_send_lat\n client: ib_send_lat -R \u003cserver_ip\u003e\n\nThe call trace looks like this:\n\n kernel BUG at drivers/infiniband/core/iwcm.c:894!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n \u003c...\u003e\n Workqueue: iw_cm_wq cm_work_handler [iw_cm]\n Call Trace:\n \u003cTASK\u003e\n cm_work_handler+0x1dd/0x370 [iw_cm]\n process_one_work+0x1e2/0x3b0\n worker_thread+0x49/0x2e0\n ? rescuer_thread+0x370/0x370\n kthread+0xe5/0x110\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50136",
"url": "https://www.suse.com/security/cve/CVE-2022-50136"
},
{
"category": "external",
"summary": "SUSE Bug 1244804 for CVE-2022-50136",
"url": "https://bugzilla.suse.com/1244804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50136"
},
{
"cve": "CVE-2022-50137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50137"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix a window for use-after-free\n\nDuring a destroy CQ an interrupt may cause processing of a CQE after CQ\nresources are freed by irdma_cq_free_rsrc(). Fix this by moving the call\nto irdma_cq_free_rsrc() after the irdma_sc_cleanup_ceqes(), which is\ncalled under the cq_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50137",
"url": "https://www.suse.com/security/cve/CVE-2022-50137"
},
{
"category": "external",
"summary": "SUSE Bug 1244800 for CVE-2022-50137",
"url": "https://bugzilla.suse.com/1244800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50137"
},
{
"cve": "CVE-2022-50138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()\n\n__qedr_alloc_mr() allocates a memory chunk for \"mr-\u003einfo.pbl_table\" with\ninit_mr_info(). When rdma_alloc_tid() and rdma_register_tid() fail, \"mr\"\nis released while \"mr-\u003einfo.pbl_table\" is not released, which will lead\nto a memory leak.\n\nWe should release the \"mr-\u003einfo.pbl_table\" with qedr_free_pbl() when error\noccurs to fix the memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50138",
"url": "https://www.suse.com/security/cve/CVE-2022-50138"
},
{
"category": "external",
"summary": "SUSE Bug 1244797 for CVE-2022-50138",
"url": "https://bugzilla.suse.com/1244797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50138"
},
{
"cve": "CVE-2022-50139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc()\n\nWe should call of_node_put() for the reference returned by\nof_get_child_by_name() which has increased the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50139",
"url": "https://www.suse.com/security/cve/CVE-2022-50139"
},
{
"category": "external",
"summary": "SUSE Bug 1244798 for CVE-2022-50139",
"url": "https://bugzilla.suse.com/1244798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50139"
},
{
"cve": "CVE-2022-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick/ms_block: Fix a memory leak\n\n\u0027erased_blocks_bitmap\u0027 is never freed. As it is allocated at the same time\nas \u0027used_blocks_bitmap\u0027, it is likely that it should be freed also at the\nsame time.\n\nAdd the corresponding bitmap_free() in msb_data_clear().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50140",
"url": "https://www.suse.com/security/cve/CVE-2022-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1244793 for CVE-2022-50140",
"url": "https://bugzilla.suse.com/1244793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50140"
},
{
"cve": "CVE-2022-50141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\nof_node_put() checks null pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50141",
"url": "https://www.suse.com/security/cve/CVE-2022-50141"
},
{
"category": "external",
"summary": "SUSE Bug 1244794 for CVE-2022-50141",
"url": "https://bugzilla.suse.com/1244794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50141"
},
{
"cve": "CVE-2022-50142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nintel_th: msu: Fix vmalloced buffers\n\nAfter commit f5ff79fddf0e (\"dma-mapping: remove CONFIG_DMA_REMAP\") there\u0027s\na chance of DMA buffer getting allocated via vmalloc(), which messes up\nthe mmapping code:\n\n\u003e RIP: msc_mmap_fault [intel_th_msu]\n\u003e Call Trace:\n\u003e \u003cTASK\u003e\n\u003e __do_fault\n\u003e do_fault\n...\n\nFix this by accounting for vmalloc possibility.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50142",
"url": "https://www.suse.com/security/cve/CVE-2022-50142"
},
{
"category": "external",
"summary": "SUSE Bug 1244796 for CVE-2022-50142",
"url": "https://bugzilla.suse.com/1244796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50142"
},
{
"cve": "CVE-2022-50143",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50143"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nintel_th: Fix a resource leak in an error handling path\n\nIf an error occurs after calling \u0027pci_alloc_irq_vectors()\u0027,\n\u0027pci_free_irq_vectors()\u0027 must be called as already done in the remove\nfunction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50143",
"url": "https://www.suse.com/security/cve/CVE-2022-50143"
},
{
"category": "external",
"summary": "SUSE Bug 1244790 for CVE-2022-50143",
"url": "https://bugzilla.suse.com/1244790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50143"
},
{
"cve": "CVE-2022-50145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: sf-pdma: Add multithread support for a DMA channel\n\nWhen we get a DMA channel and try to use it in multiple threads it\nwill cause oops and hanging the system.\n\n% echo 64 \u003e /sys/module/dmatest/parameters/threads_per_chan\n% echo 10000 \u003e /sys/module/dmatest/parameters/iterations\n% echo 1 \u003e /sys/module/dmatest/parameters/run\n[ 89.480664] Unable to handle kernel NULL pointer dereference at virtual\n address 00000000000000a0\n[ 89.488725] Oops [#1]\n[ 89.494708] CPU: 2 PID: 1008 Comm: dma0chan0-copy0 Not tainted\n 5.17.0-rc5\n[ 89.509385] epc : vchan_find_desc+0x32/0x46\n[ 89.513553] ra : sf_pdma_tx_status+0xca/0xd6\n\nThis happens because of data race. Each thread rewrite channels\u0027s\ndescriptor as soon as device_prep_dma_memcpy() is called. It leads to the\nsituation when the driver thinks that it uses right descriptor that\nactually is freed or substituted for other one.\n\nWith current fixes a descriptor changes its value only when it has\nbeen used. A new descriptor is acquired from vc-\u003edesc_issued queue that\nis already filled with descriptors that are ready to be sent. Threads\nhave no direct access to DMA channel descriptor. Now it is just possible\nto queue a descriptor for further processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50145",
"url": "https://www.suse.com/security/cve/CVE-2022-50145"
},
{
"category": "external",
"summary": "SUSE Bug 1244787 for CVE-2022-50145",
"url": "https://bugzilla.suse.com/1244787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50145"
},
{
"cve": "CVE-2022-50146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors\n\nIf dw_pcie_ep_init() fails to perform any action after the EPC memory is\ninitialized and the MSI memory region is allocated, the latter parts won\u0027t\nbe undone thus causing a memory leak. Add a cleanup-on-error path to fix\nthese leaks.\n\n[bhelgaas: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50146",
"url": "https://www.suse.com/security/cve/CVE-2022-50146"
},
{
"category": "external",
"summary": "SUSE Bug 1244788 for CVE-2022-50146",
"url": "https://bugzilla.suse.com/1244788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50146"
},
{
"cve": "CVE-2022-50149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix potential deadlock in __driver_attach\n\nIn __driver_attach function, There are also AA deadlock problem,\nlike the commit b232b02bf3c2 (\"driver core: fix deadlock in\n__device_attach\").\n\nstack like commit b232b02bf3c2 (\"driver core: fix deadlock in\n__device_attach\").\nlist below:\n In __driver_attach function, The lock holding logic is as follows:\n ...\n __driver_attach\n if (driver_allows_async_probing(drv))\n device_lock(dev) // get lock dev\n async_schedule_dev(__driver_attach_async_helper, dev); // func\n async_schedule_node\n async_schedule_node_domain(func)\n entry = kzalloc(sizeof(struct async_entry), GFP_ATOMIC);\n /* when fail or work limit, sync to execute func, but\n __driver_attach_async_helper will get lock dev as\n will, which will lead to A-A deadlock. */\n if (!entry || atomic_read(\u0026entry_count) \u003e MAX_WORK) {\n func;\n else\n queue_work_node(node, system_unbound_wq, \u0026entry-\u003ework)\n device_unlock(dev)\n\n As above show, when it is allowed to do async probes, because of\n out of memory or work limit, async work is not be allowed, to do\n sync execute instead. it will lead to A-A deadlock because of\n __driver_attach_async_helper getting lock dev.\n\nReproduce:\nand it can be reproduce by make the condition\n(if (!entry || atomic_read(\u0026entry_count) \u003e MAX_WORK)) untenable, like\nbelow:\n\n[ 370.785650] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables\nthis message.\n[ 370.787154] task:swapper/0 state:D stack: 0 pid: 1 ppid:\n0 flags:0x00004000\n[ 370.788865] Call Trace:\n[ 370.789374] \u003cTASK\u003e\n[ 370.789841] __schedule+0x482/0x1050\n[ 370.790613] schedule+0x92/0x1a0\n[ 370.791290] schedule_preempt_disabled+0x2c/0x50\n[ 370.792256] __mutex_lock.isra.0+0x757/0xec0\n[ 370.793158] __mutex_lock_slowpath+0x1f/0x30\n[ 370.794079] mutex_lock+0x50/0x60\n[ 370.794795] __device_driver_lock+0x2f/0x70\n[ 370.795677] ? driver_probe_device+0xd0/0xd0\n[ 370.796576] __driver_attach_async_helper+0x1d/0xd0\n[ 370.797318] ? driver_probe_device+0xd0/0xd0\n[ 370.797957] async_schedule_node_domain+0xa5/0xc0\n[ 370.798652] async_schedule_node+0x19/0x30\n[ 370.799243] __driver_attach+0x246/0x290\n[ 370.799828] ? driver_allows_async_probing+0xa0/0xa0\n[ 370.800548] bus_for_each_dev+0x9d/0x130\n[ 370.801132] driver_attach+0x22/0x30\n[ 370.801666] bus_add_driver+0x290/0x340\n[ 370.802246] driver_register+0x88/0x140\n[ 370.802817] ? virtio_scsi_init+0x116/0x116\n[ 370.803425] scsi_register_driver+0x1a/0x30\n[ 370.804057] init_sd+0x184/0x226\n[ 370.804533] do_one_initcall+0x71/0x3a0\n[ 370.805107] kernel_init_freeable+0x39a/0x43a\n[ 370.805759] ? rest_init+0x150/0x150\n[ 370.806283] kernel_init+0x26/0x230\n[ 370.806799] ret_from_fork+0x1f/0x30\n\nTo fix the deadlock, move the async_schedule_dev outside device_lock,\nas we can see, in async_schedule_node_domain, the parameter of\nqueue_work_node is system_unbound_wq, so it can accept concurrent\noperations. which will also not change the code logic, and will\nnot lead to deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50149",
"url": "https://www.suse.com/security/cve/CVE-2022-50149"
},
{
"category": "external",
"summary": "SUSE Bug 1244883 for CVE-2022-50149",
"url": "https://bugzilla.suse.com/1244883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50149"
},
{
"cve": "CVE-2022-50151",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50151"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdns3: fix random warning message when driver load\n\nWarning log:\n[ 4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to gfp: 0xa20 (GFP_ATOMIC). Fix your code!\n[ 4.150340] CPU: 1 PID: 175 Comm: 1-0050 Not tainted 5.15.5-00039-g2fd9ae1b568c #20\n[ 4.158010] Hardware name: Freescale i.MX8QXP MEK (DT)\n[ 4.163155] Call trace:\n[ 4.165600] dump_backtrace+0x0/0x1b0\n[ 4.169286] show_stack+0x18/0x68\n[ 4.172611] dump_stack_lvl+0x68/0x84\n[ 4.176286] dump_stack+0x18/0x34\n[ 4.179613] kmalloc_fix_flags+0x60/0x88\n[ 4.183550] new_slab+0x334/0x370\n[ 4.186878] ___slab_alloc.part.108+0x4d4/0x748\n[ 4.191419] __slab_alloc.isra.109+0x30/0x78\n[ 4.195702] kmem_cache_alloc+0x40c/0x420\n[ 4.199725] dma_pool_alloc+0xac/0x1f8\n[ 4.203486] cdns3_allocate_trb_pool+0xb4/0xd0\n\npool_alloc_page(struct dma_pool *pool, gfp_t mem_flags)\n{\n\t...\n\tpage = kmalloc(sizeof(*page), mem_flags);\n\tpage-\u003evaddr = dma_alloc_coherent(pool-\u003edev, pool-\u003eallocation,\n\t\t\t\t\t \u0026page-\u003edma, mem_flags);\n\t...\n}\n\nkmalloc was called with mem_flags, which is passed down in\ncdns3_allocate_trb_pool() and have GFP_DMA32 flags.\nkmall_fix_flags() report warning.\n\nGFP_DMA32 is not useful at all. dma_alloc_coherent() will handle\nDMA memory region correctly by pool-\u003edev. GFP_DMA32 can be removed\nsafely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50151",
"url": "https://www.suse.com/security/cve/CVE-2022-50151"
},
{
"category": "external",
"summary": "SUSE Bug 1245093 for CVE-2022-50151",
"url": "https://bugzilla.suse.com/1245093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50151"
},
{
"cve": "CVE-2022-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50152",
"url": "https://www.suse.com/security/cve/CVE-2022-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1244783 for CVE-2022-50152",
"url": "https://bugzilla.suse.com/1244783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50152"
},
{
"cve": "CVE-2022-50153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50153"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: Fix refcount leak in ehci_hcd_ppc_of_probe\n\nof_find_compatible_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50153",
"url": "https://www.suse.com/security/cve/CVE-2022-50153"
},
{
"category": "external",
"summary": "SUSE Bug 1244786 for CVE-2022-50153",
"url": "https://bugzilla.suse.com/1244786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50153"
},
{
"cve": "CVE-2022-50154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: mediatek-gen3: Fix refcount leak in mtk_pcie_init_irq_domains()\n\nof_get_child_by_name() returns a node pointer with refcount incremented, so\nwe should use of_node_put() on it when we don\u0027t need it anymore.\n\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50154",
"url": "https://www.suse.com/security/cve/CVE-2022-50154"
},
{
"category": "external",
"summary": "SUSE Bug 1244784 for CVE-2022-50154",
"url": "https://bugzilla.suse.com/1244784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50154"
},
{
"cve": "CVE-2022-50155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50155"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: parsers: ofpart: Fix refcount leak in bcm4908_partitions_fw_offset\n\nof_find_node_by_path() returns a node pointer with refcount incremented,\nwe should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50155",
"url": "https://www.suse.com/security/cve/CVE-2022-50155"
},
{
"category": "external",
"summary": "SUSE Bug 1244781 for CVE-2022-50155",
"url": "https://bugzilla.suse.com/1244781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50155"
},
{
"cve": "CVE-2022-50156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: cp2112: prevent a buffer overflow in cp2112_xfer()\n\nSmatch warnings:\ndrivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy()\n\u0027data-\u003eblock[1]\u0027 too small (33 vs 255)\ndrivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() \u0027buf\u0027 too\nsmall (64 vs 255)\n\nThe \u0027read_length\u0027 variable is provided by \u0027data-\u003eblock[0]\u0027 which comes\nfrom user and it(read_length) can take a value between 0-255. Add an\nupper bound to \u0027read_length\u0027 variable to prevent a buffer overflow in\nmemcpy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50156",
"url": "https://www.suse.com/security/cve/CVE-2022-50156"
},
{
"category": "external",
"summary": "SUSE Bug 1244782 for CVE-2022-50156",
"url": "https://bugzilla.suse.com/1244782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50156"
},
{
"cve": "CVE-2022-50157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains()\n\nof_get_next_child() returns a node pointer with refcount incremented, so we\nshould use of_node_put() on it when we don\u0027t need it anymore.\n\nmc_pcie_init_irq_domains() only calls of_node_put() in the normal path,\nmissing it in some error paths. Add missing of_node_put() to avoid\nrefcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50157",
"url": "https://www.suse.com/security/cve/CVE-2022-50157"
},
{
"category": "external",
"summary": "SUSE Bug 1244780 for CVE-2022-50157",
"url": "https://bugzilla.suse.com/1244780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50157"
},
{
"cve": "CVE-2022-50158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: partitions: Fix refcount leak in parse_redboot_of\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50158",
"url": "https://www.suse.com/security/cve/CVE-2022-50158"
},
{
"category": "external",
"summary": "SUSE Bug 1244779 for CVE-2022-50158",
"url": "https://bugzilla.suse.com/1244779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50158"
},
{
"cve": "CVE-2022-50160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: maps: Fix refcount leak in ap_flash_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50160",
"url": "https://www.suse.com/security/cve/CVE-2022-50160"
},
{
"category": "external",
"summary": "SUSE Bug 1244776 for CVE-2022-50160",
"url": "https://bugzilla.suse.com/1244776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50160"
},
{
"cve": "CVE-2022-50161",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50161"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: maps: Fix refcount leak in of_flash_probe_versatile\n\nof_find_matching_node_and_match() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50161",
"url": "https://www.suse.com/security/cve/CVE-2022-50161"
},
{
"category": "external",
"summary": "SUSE Bug 1244774 for CVE-2022-50161",
"url": "https://bugzilla.suse.com/1244774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50161"
},
{
"cve": "CVE-2022-50162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: Fix possible refcount leak in if_usb_probe()\n\nusb_get_dev will be called before lbs_get_firmware_async which means that\nusb_put_dev need to be called when lbs_get_firmware_async fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50162",
"url": "https://www.suse.com/security/cve/CVE-2022-50162"
},
{
"category": "external",
"summary": "SUSE Bug 1244773 for CVE-2022-50162",
"url": "https://bugzilla.suse.com/1244773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50162"
},
{
"cve": "CVE-2022-50164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50164"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue\n\nAfter successfull station association, if station queues are disabled for\nsome reason, the related lists are not emptied. So if some new element is\nadded to the list in iwl_mvm_mac_wake_tx_queue, it can match with the old\none and produce a BUG like this:\n\n[ 46.535263] list_add corruption. prev-\u003enext should be next (ffff94c1c318a360), but was 0000000000000000. (prev=ffff94c1d02d3388).\n[ 46.535283] ------------[ cut here ]------------\n[ 46.535284] kernel BUG at lib/list_debug.c:26!\n[ 46.535290] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 46.585304] CPU: 0 PID: 623 Comm: wpa_supplicant Not tainted 5.19.0-rc3+ #1\n[ 46.592380] Hardware name: Dell Inc. Inspiron 660s/0478VN , BIOS A07 08/24/2012\n[ 46.600336] RIP: 0010:__list_add_valid.cold+0x3d/0x3f\n[ 46.605475] Code: f2 4c 89 c1 48 89 fe 48 c7 c7 c8 40 67 93 e8 20 cc fd ff 0f 0b 48 89 d1 4c 89 c6 4c 89 ca 48 c7 c7 70 40 67 93 e8 09 cc fd ff \u003c0f\u003e 0b 48 89 fe 48 c7 c7 00 41 67 93 e8 f8 cb fd ff 0f 0b 48 89 d1\n[ 46.624469] RSP: 0018:ffffb20800ab76d8 EFLAGS: 00010286\n[ 46.629854] RAX: 0000000000000075 RBX: ffff94c1c318a0e0 RCX: 0000000000000000\n[ 46.637105] RDX: 0000000000000201 RSI: ffffffff9365e100 RDI: 00000000ffffffff\n[ 46.644356] RBP: ffff94c1c5f43370 R08: 0000000000000075 R09: 3064316334396666\n[ 46.651607] R10: 3364323064316334 R11: 39666666663d7665 R12: ffff94c1c5f43388\n[ 46.658857] R13: ffff94c1d02d3388 R14: ffff94c1c318a360 R15: ffff94c1cf2289c0\n[ 46.666108] FS: 00007f65634ff7c0(0000) GS:ffff94c1da200000(0000) knlGS:0000000000000000\n[ 46.674331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 46.680170] CR2: 00007f7dfe984460 CR3: 000000010e894003 CR4: 00000000000606f0\n[ 46.687422] Call Trace:\n[ 46.689906] \u003cTASK\u003e\n[ 46.691950] iwl_mvm_mac_wake_tx_queue+0xec/0x15c [iwlmvm]\n[ 46.697601] ieee80211_queue_skb+0x4b3/0x720 [mac80211]\n[ 46.702973] ? sta_info_get+0x46/0x60 [mac80211]\n[ 46.707703] ieee80211_tx+0xad/0x110 [mac80211]\n[ 46.712355] __ieee80211_tx_skb_tid_band+0x71/0x90 [mac80211]\n...\n\nIn order to avoid this problem, we must also remove the related lists when\nstation queues are disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50164",
"url": "https://www.suse.com/security/cve/CVE-2022-50164"
},
{
"category": "external",
"summary": "SUSE Bug 1244770 for CVE-2022-50164",
"url": "https://bugzilla.suse.com/1244770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50164"
},
{
"cve": "CVE-2022-50165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50165"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()`\n\nCommit 7a4836560a61 changes simple_write_to_buffer() with memdup_user()\nbut it forgets to change the value to be returned that came from\nsimple_write_to_buffer() call. It results in the following warning:\n\n warning: variable \u0027rc\u0027 is uninitialized when used here [-Wuninitialized]\n return rc;\n ^~\n\nRemove rc variable and just return the passed in length if the\nmemdup_user() succeeds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50165",
"url": "https://www.suse.com/security/cve/CVE-2022-50165"
},
{
"category": "external",
"summary": "SUSE Bug 1244771 for CVE-2022-50165",
"url": "https://bugzilla.suse.com/1244771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50165"
},
{
"cve": "CVE-2022-50169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50169"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()\n\nThe simple_write_to_buffer() function will succeed if even a single\nbyte is initialized. However, we need to initialize the whole buffer\nto prevent information leaks. Just use memdup_user().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50169",
"url": "https://www.suse.com/security/cve/CVE-2022-50169"
},
{
"category": "external",
"summary": "SUSE Bug 1244767 for CVE-2022-50169",
"url": "https://bugzilla.suse.com/1244767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50169"
},
{
"cve": "CVE-2022-50171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/sec - don\u0027t sleep when in softirq\n\nWhen kunpeng920 encryption driver is used to deencrypt and decrypt\npackets during the softirq, it is not allowed to use mutex lock. The\nkernel will report the following error:\n\nBUG: scheduling while atomic: swapper/57/0/0x00000300\nCall trace:\ndump_backtrace+0x0/0x1e4\nshow_stack+0x20/0x2c\ndump_stack+0xd8/0x140\n__schedule_bug+0x68/0x80\n__schedule+0x728/0x840\nschedule+0x50/0xe0\nschedule_preempt_disabled+0x18/0x24\n__mutex_lock.constprop.0+0x594/0x5dc\n__mutex_lock_slowpath+0x1c/0x30\nmutex_lock+0x50/0x60\nsec_request_init+0x8c/0x1a0 [hisi_sec2]\nsec_process+0x28/0x1ac [hisi_sec2]\nsec_skcipher_crypto+0xf4/0x1d4 [hisi_sec2]\nsec_skcipher_encrypt+0x1c/0x30 [hisi_sec2]\ncrypto_skcipher_encrypt+0x2c/0x40\ncrypto_authenc_encrypt+0xc8/0xfc [authenc]\ncrypto_aead_encrypt+0x2c/0x40\nechainiv_encrypt+0x144/0x1a0 [echainiv]\ncrypto_aead_encrypt+0x2c/0x40\nesp_output_tail+0x348/0x5c0 [esp4]\nesp_output+0x120/0x19c [esp4]\nxfrm_output_one+0x25c/0x4d4\nxfrm_output_resume+0x6c/0x1fc\nxfrm_output+0xac/0x3c0\nxfrm4_output+0x64/0x130\nip_build_and_send_pkt+0x158/0x20c\ntcp_v4_send_synack+0xdc/0x1f0\ntcp_conn_request+0x7d0/0x994\ntcp_v4_conn_request+0x58/0x6c\ntcp_v6_conn_request+0xf0/0x100\ntcp_rcv_state_process+0x1cc/0xd60\ntcp_v4_do_rcv+0x10c/0x250\ntcp_v4_rcv+0xfc4/0x10a4\nip_protocol_deliver_rcu+0xf4/0x200\nip_local_deliver_finish+0x58/0x70\nip_local_deliver+0x68/0x120\nip_sublist_rcv_finish+0x70/0x94\nip_list_rcv_finish.constprop.0+0x17c/0x1d0\nip_sublist_rcv+0x40/0xb0\nip_list_rcv+0x140/0x1dc\n__netif_receive_skb_list_core+0x154/0x28c\n__netif_receive_skb_list+0x120/0x1a0\nnetif_receive_skb_list_internal+0xe4/0x1f0\nnapi_complete_done+0x70/0x1f0\ngro_cell_poll+0x9c/0xb0\nnapi_poll+0xcc/0x264\nnet_rx_action+0xd4/0x21c\n__do_softirq+0x130/0x358\nirq_exit+0x11c/0x13c\n__handle_domain_irq+0x88/0xf0\ngic_handle_irq+0x78/0x2c0\nel1_irq+0xb8/0x140\narch_cpu_idle+0x18/0x40\ndefault_idle_call+0x5c/0x1c0\ncpuidle_idle_call+0x174/0x1b0\ndo_idle+0xc8/0x160\ncpu_startup_entry+0x30/0x11c\nsecondary_start_kernel+0x158/0x1e4\nsoftirq: huh, entered softirq 3 NET_RX 0000000093774ee4 with\npreempt_count 00000100, exited with fffffe00?",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50171",
"url": "https://www.suse.com/security/cve/CVE-2022-50171"
},
{
"category": "external",
"summary": "SUSE Bug 1244765 for CVE-2022-50171",
"url": "https://bugzilla.suse.com/1244765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50171"
},
{
"cve": "CVE-2022-50172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg\n\nFree the skb if mt76u_bulk_msg fails in __mt76x02u_mcu_send_msg routine.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50172",
"url": "https://www.suse.com/security/cve/CVE-2022-50172"
},
{
"category": "external",
"summary": "SUSE Bug 1244764 for CVE-2022-50172",
"url": "https://bugzilla.suse.com/1244764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50172"
},
{
"cve": "CVE-2022-50173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp5: Fix global state lock backoff\n\nWe need to grab the lock after the early return for !hwpipe case.\nOtherwise, we could have hit contention yet still returned 0.\n\nFixes an issue that the new CONFIG_DRM_DEBUG_MODESET_LOCK stuff flagged\nin CI:\n\n WARNING: CPU: 0 PID: 282 at drivers/gpu/drm/drm_modeset_lock.c:296 drm_modeset_lock+0xf8/0x154\n Modules linked in:\n CPU: 0 PID: 282 Comm: kms_cursor_lega Tainted: G W 5.19.0-rc2-15930-g875cc8bc536a #1\n Hardware name: Qualcomm Technologies, Inc. DB820c (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : drm_modeset_lock+0xf8/0x154\n lr : drm_atomic_get_private_obj_state+0x84/0x170\n sp : ffff80000cfab6a0\n x29: ffff80000cfab6a0 x28: 0000000000000000 x27: ffff000083bc4d00\n x26: 0000000000000038 x25: 0000000000000000 x24: ffff80000957ca58\n x23: 0000000000000000 x22: ffff000081ace080 x21: 0000000000000001\n x20: ffff000081acec18 x19: ffff80000cfabb80 x18: 0000000000000038\n x17: 0000000000000000 x16: 0000000000000000 x15: fffffffffffea0d0\n x14: 0000000000000000 x13: 284e4f5f4e524157 x12: 5f534b434f4c5f47\n x11: ffff80000a386aa8 x10: 0000000000000029 x9 : ffff80000cfab610\n x8 : 0000000000000029 x7 : 0000000000000014 x6 : 0000000000000000\n x5 : 0000000000000001 x4 : ffff8000081ad904 x3 : 0000000000000029\n x2 : ffff0000801db4c0 x1 : ffff80000cfabb80 x0 : ffff000081aceb58\n Call trace:\n drm_modeset_lock+0xf8/0x154\n drm_atomic_get_private_obj_state+0x84/0x170\n mdp5_get_global_state+0x54/0x6c\n mdp5_pipe_release+0x2c/0xd4\n mdp5_plane_atomic_check+0x2ec/0x414\n drm_atomic_helper_check_planes+0xd8/0x210\n drm_atomic_helper_check+0x54/0xb0\n ...\n ---[ end trace 0000000000000000 ]---\n drm_modeset_lock attempting to lock a contended lock without backoff:\n drm_modeset_lock+0x148/0x154\n mdp5_get_global_state+0x30/0x6c\n mdp5_pipe_release+0x2c/0xd4\n mdp5_plane_atomic_check+0x290/0x414\n drm_atomic_helper_check_planes+0xd8/0x210\n drm_atomic_helper_check+0x54/0xb0\n drm_atomic_check_only+0x4b0/0x8f4\n drm_atomic_commit+0x68/0xe0\n\nPatchwork: https://patchwork.freedesktop.org/patch/492701/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50173",
"url": "https://www.suse.com/security/cve/CVE-2022-50173"
},
{
"category": "external",
"summary": "SUSE Bug 1244992 for CVE-2022-50173",
"url": "https://bugzilla.suse.com/1244992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50173"
},
{
"cve": "CVE-2022-50175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50175"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tw686x: Fix memory leak in tw686x_video_init\n\nvideo_device_alloc() allocates memory for vdev,\nwhen video_register_device() fails, it doesn\u0027t release the memory and\nleads to memory leak, call video_device_release() to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50175",
"url": "https://www.suse.com/security/cve/CVE-2022-50175"
},
{
"category": "external",
"summary": "SUSE Bug 1244903 for CVE-2022-50175",
"url": "https://bugzilla.suse.com/1244903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50175"
},
{
"cve": "CVE-2022-50176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mcde: Fix refcount leak in mcde_dsi_bind\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference counter of the previous node. There is no decrement\nwhen break out from the loop and results in refcount leak.\nAdd missing of_node_put() to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50176",
"url": "https://www.suse.com/security/cve/CVE-2022-50176"
},
{
"category": "external",
"summary": "SUSE Bug 1244902 for CVE-2022-50176",
"url": "https://bugzilla.suse.com/1244902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50176"
},
{
"cve": "CVE-2022-50178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: 8852a: rfk: fix div 0 exception\n\nThe DPK is a kind of RF calibration whose algorithm is to fine tune\nparameters and calibrate, and check the result. If the result isn\u0027t good\nenough, it could adjust parameters and try again.\n\nThis issue is to read and show the result, but it could be a negative\ncalibration result that causes divisor 0 and core dump. So, fix it by\nphy_div() that does division only if divisor isn\u0027t zero; otherwise,\nzero is adopted.\n\n divide error: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 728 Comm: wpa_supplicant Not tainted 5.10.114-16019-g462a1661811a #1 \u003cHASH:d024 28\u003e\n RIP: 0010:rtw8852a_dpk+0x14ae/0x288f [rtw89_core]\n RSP: 0018:ffffa9bb412a7520 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 00000000000180fc RDI: ffffa141d01023c0\n RBP: ffffa9bb412a76a0 R08: 0000000000001319 R09: 00000000ffffff92\n R10: ffffffffc0292de3 R11: ffffffffc00d2f51 R12: 0000000000000000\n R13: ffffa141d01023c0 R14: ffffffffc0290250 R15: ffffa141d0102638\n FS: 00007fa99f5c2740(0000) GS:ffffa142e5e80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000013e8e010 CR3: 0000000110d2c000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n rtw89_core_sta_add+0x95/0x9c [rtw89_core \u003cHASH:d239 29\u003e]\n rtw89_ops_sta_state+0x5d/0x108 [rtw89_core \u003cHASH:d239 29\u003e]\n drv_sta_state+0x115/0x66f [mac80211 \u003cHASH:81fe 30\u003e]\n sta_info_insert_rcu+0x45c/0x713 [mac80211 \u003cHASH:81fe 30\u003e]\n sta_info_insert+0xf/0x1b [mac80211 \u003cHASH:81fe 30\u003e]\n ieee80211_prep_connection+0x9d6/0xb0c [mac80211 \u003cHASH:81fe 30\u003e]\n ieee80211_mgd_auth+0x2aa/0x352 [mac80211 \u003cHASH:81fe 30\u003e]\n cfg80211_mlme_auth+0x160/0x1f6 [cfg80211 \u003cHASH:00cd 31\u003e]\n nl80211_authenticate+0x2e5/0x306 [cfg80211 \u003cHASH:00cd 31\u003e]\n genl_rcv_msg+0x371/0x3a1\n ? nl80211_stop_sched_scan+0xe5/0xe5 [cfg80211 \u003cHASH:00cd 31\u003e]\n ? genl_rcv+0x36/0x36\n netlink_rcv_skb+0x8a/0xf9\n genl_rcv+0x28/0x36\n netlink_unicast+0x27b/0x3a0\n netlink_sendmsg+0x2aa/0x469\n sock_sendmsg_nosec+0x49/0x4d\n ____sys_sendmsg+0xe5/0x213\n __sys_sendmsg+0xec/0x157\n ? syscall_enter_from_user_mode+0xd7/0x116\n do_syscall_64+0x43/0x55\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n RIP: 0033:0x7fa99f6e689b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50178",
"url": "https://www.suse.com/security/cve/CVE-2022-50178"
},
{
"category": "external",
"summary": "SUSE Bug 1244900 for CVE-2022-50178",
"url": "https://bugzilla.suse.com/1244900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50178"
},
{
"cve": "CVE-2022-50179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k: fix use-after-free in ath9k_hif_usb_rx_cb\n\nSyzbot reported use-after-free Read in ath9k_hif_usb_rx_cb() [0]. The\nproblem was in incorrect htc_handle-\u003edrv_priv initialization.\n\nProbable call trace which can trigger use-after-free:\n\nath9k_htc_probe_device()\n /* htc_handle-\u003edrv_priv = priv; */\n ath9k_htc_wait_for_target() \u003c--- Failed\n ieee80211_free_hw()\t\t \u003c--- priv pointer is freed\n\n\u003cIRQ\u003e\n...\nath9k_hif_usb_rx_cb()\n ath9k_hif_usb_rx_stream()\n RX_STAT_INC()\t\t\u003c--- htc_handle-\u003edrv_priv access\n\nIn order to not add fancy protection for drv_priv we can move\nhtc_handle-\u003edrv_priv initialization at the end of the\nath9k_htc_probe_device() and add helper macro to make\nall *_STAT_* macros NULL safe, since syzbot has reported related NULL\nderef in that macros [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50179",
"url": "https://www.suse.com/security/cve/CVE-2022-50179"
},
{
"category": "external",
"summary": "SUSE Bug 1244886 for CVE-2022-50179",
"url": "https://bugzilla.suse.com/1244886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50179"
},
{
"cve": "CVE-2022-50181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-gpu: fix a missing check to avoid NULL dereference\n\n\u0027cache_ent\u0027 could be set NULL inside virtio_gpu_cmd_get_capset()\nand it will lead to a NULL dereference by a lately use of it\n(i.e., ptr = cache_ent-\u003ecaps_cache). Fix it with a NULL check.\n\n\n[ kraxel: minor codestyle fixup ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50181",
"url": "https://www.suse.com/security/cve/CVE-2022-50181"
},
{
"category": "external",
"summary": "SUSE Bug 1244901 for CVE-2022-50181",
"url": "https://bugzilla.suse.com/1244901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50181"
},
{
"cve": "CVE-2022-50185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()\n\nThe last case label can write two buffers \u0027mc_reg_address[j]\u0027 and\n\u0027mc_data[j]\u0027 with \u0027j\u0027 offset equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE\nsince there are no checks for this value in both case labels after the\nlast \u0027j++\u0027.\n\nInstead of changing \u0027\u003e\u0027 to \u0027\u003e=\u0027 there, add the bounds check at the start\nof the second \u0027case\u0027 (the first one already has it).\n\nAlso, remove redundant last checks for \u0027j\u0027 index bigger than array size.\nThe expression is always false. Moreover, before or after the patch\n\u0027table-\u003elast\u0027 can be equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE and it\nseems it can be a valid value.\n\nDetected using the static analysis tool - Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50185",
"url": "https://www.suse.com/security/cve/CVE-2022-50185"
},
{
"category": "external",
"summary": "SUSE Bug 1244887 for CVE-2022-50185",
"url": "https://bugzilla.suse.com/1244887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50185"
},
{
"cve": "CVE-2022-50187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath11k: fix netdev open race\n\nMake sure to allocate resources needed before registering the device.\n\nThis specifically avoids having a racing open() trigger a BUG_ON() in\nmod_timer() when ath11k_mac_op_start() is called before the\nmon_reap_timer as been set up.\n\nI did not see this issue with next-20220310, but I hit it on every probe\nwith next-20220511. Perhaps some timing changed in between.\n\nHere\u0027s the backtrace:\n\n[ 51.346947] kernel BUG at kernel/time/timer.c:990!\n[ 51.346958] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP\n...\n[ 51.578225] Call trace:\n[ 51.583293] __mod_timer+0x298/0x390\n[ 51.589518] mod_timer+0x14/0x20\n[ 51.595368] ath11k_mac_op_start+0x41c/0x4a0 [ath11k]\n[ 51.603165] drv_start+0x38/0x60 [mac80211]\n[ 51.610110] ieee80211_do_open+0x29c/0x7d0 [mac80211]\n[ 51.617945] ieee80211_open+0x60/0xb0 [mac80211]\n[ 51.625311] __dev_open+0x100/0x1c0\n[ 51.631420] __dev_change_flags+0x194/0x210\n[ 51.638214] dev_change_flags+0x24/0x70\n[ 51.644646] do_setlink+0x228/0xdb0\n[ 51.650723] __rtnl_newlink+0x460/0x830\n[ 51.657162] rtnl_newlink+0x4c/0x80\n[ 51.663229] rtnetlink_rcv_msg+0x124/0x390\n[ 51.669917] netlink_rcv_skb+0x58/0x130\n[ 51.676314] rtnetlink_rcv+0x18/0x30\n[ 51.682460] netlink_unicast+0x250/0x310\n[ 51.688960] netlink_sendmsg+0x19c/0x3e0\n[ 51.695458] ____sys_sendmsg+0x220/0x290\n[ 51.701938] ___sys_sendmsg+0x7c/0xc0\n[ 51.708148] __sys_sendmsg+0x68/0xd0\n[ 51.714254] __arm64_sys_sendmsg+0x28/0x40\n[ 51.720900] invoke_syscall+0x48/0x120\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50187",
"url": "https://www.suse.com/security/cve/CVE-2022-50187"
},
{
"category": "external",
"summary": "SUSE Bug 1244890 for CVE-2022-50187",
"url": "https://bugzilla.suse.com/1244890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50187"
},
{
"cve": "CVE-2022-50190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix simplification of devm_spi_register_controller\n\nThis reverts commit 59ebbe40fb51 (\"spi: simplify\ndevm_spi_register_controller\").\n\nIf devm_add_action() fails in devm_add_action_or_reset(),\ndevm_spi_unregister() will be called, it decreases the\nrefcount of \u0027ctlr-\u003edev\u0027 to 0, then it will cause uaf in\nthe drivers that calling spi_put_controller() in error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50190",
"url": "https://www.suse.com/security/cve/CVE-2022-50190"
},
{
"category": "external",
"summary": "SUSE Bug 1244895 for CVE-2022-50190",
"url": "https://bugzilla.suse.com/1244895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50190"
},
{
"cve": "CVE-2022-50191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50191"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: of: Fix refcount leak bug in of_get_regulation_constraints()\n\nWe should call the of_node_put() for the reference returned by\nof_get_child_by_name() which has increased the refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50191",
"url": "https://www.suse.com/security/cve/CVE-2022-50191"
},
{
"category": "external",
"summary": "SUSE Bug 1244899 for CVE-2022-50191",
"url": "https://bugzilla.suse.com/1244899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50191"
},
{
"cve": "CVE-2022-50192",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50192"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: tegra20-slink: fix UAF in tegra_slink_remove()\n\nAfter calling spi_unregister_master(), the refcount of master will\nbe decrease to 0, and it will be freed in spi_controller_release(),\nthe device data also will be freed, so it will lead a UAF when using\n\u0027tspi\u0027. To fix this, get the master before unregister and put it when\nfinish using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50192",
"url": "https://www.suse.com/security/cve/CVE-2022-50192"
},
{
"category": "external",
"summary": "SUSE Bug 1244879 for CVE-2022-50192",
"url": "https://bugzilla.suse.com/1244879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50192"
},
{
"cve": "CVE-2022-50194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50194"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference count of the previous node.\nWhen breaking early from a for_each_available_child_of_node() loop,\nwe need to explicitly call of_node_put() on the child node.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50194",
"url": "https://www.suse.com/security/cve/CVE-2022-50194"
},
{
"category": "external",
"summary": "SUSE Bug 1244878 for CVE-2022-50194",
"url": "https://bugzilla.suse.com/1244878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50194"
},
{
"cve": "CVE-2022-50196",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50196"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: ocmem: Fix refcount leak in of_get_ocmem\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\nof_node_put() will check NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50196",
"url": "https://www.suse.com/security/cve/CVE-2022-50196"
},
{
"category": "external",
"summary": "SUSE Bug 1244875 for CVE-2022-50196",
"url": "https://bugzilla.suse.com/1244875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50196"
},
{
"cve": "CVE-2022-50197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: zynq: Fix refcount leak in zynq_get_revision\n\nof_find_compatible_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50197",
"url": "https://www.suse.com/security/cve/CVE-2022-50197"
},
{
"category": "external",
"summary": "SUSE Bug 1244876 for CVE-2022-50197",
"url": "https://bugzilla.suse.com/1244876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50197"
},
{
"cve": "CVE-2022-50198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50198",
"url": "https://www.suse.com/security/cve/CVE-2022-50198"
},
{
"category": "external",
"summary": "SUSE Bug 1244872 for CVE-2022-50198",
"url": "https://bugzilla.suse.com/1244872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50198"
},
{
"cve": "CVE-2022-50199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50199"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: OMAP2+: Fix refcount leak in omapdss_init_of\n\nomapdss_find_dss_of_node() calls of_find_compatible_node() to get device\nnode. of_find_compatible_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() in later error path and normal path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50199",
"url": "https://www.suse.com/security/cve/CVE-2022-50199"
},
{
"category": "external",
"summary": "SUSE Bug 1244873 for CVE-2022-50199",
"url": "https://bugzilla.suse.com/1244873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50199"
},
{
"cve": "CVE-2022-50200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50200"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: Add boundary check in put_entry()\n\nJust like next_entry(), boundary check is necessary to prevent memory\nout-of-bound access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50200",
"url": "https://www.suse.com/security/cve/CVE-2022-50200"
},
{
"category": "external",
"summary": "SUSE Bug 1245149 for CVE-2022-50200",
"url": "https://bugzilla.suse.com/1245149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2022-50200"
},
{
"cve": "CVE-2022-50201",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50201"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: fix memleak in security_read_state_kernel()\n\nIn this function, it directly returns the result of __security_read_policy\nwithout freeing the allocated memory in *data, cause memory leak issue,\nso free the memory if __security_read_policy failed.\n\n[PM: subject line tweak]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50201",
"url": "https://www.suse.com/security/cve/CVE-2022-50201"
},
{
"category": "external",
"summary": "SUSE Bug 1245197 for CVE-2022-50201",
"url": "https://bugzilla.suse.com/1245197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50201"
},
{
"cve": "CVE-2022-50202",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50202"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: hibernate: defer device probing when resuming from hibernation\n\nsyzbot is reporting hung task at misc_open() [1], for there is a race\nwindow of AB-BA deadlock which involves probe_count variable. Currently\nwait_for_device_probe() from snapshot_open() from misc_open() can sleep\nforever with misc_mtx held if probe_count cannot become 0.\n\nWhen a device is probed by hub_event() work function, probe_count is\nincremented before the probe function starts, and probe_count is\ndecremented after the probe function completed.\n\nThere are three cases that can prevent probe_count from dropping to 0.\n\n (a) A device being probed stopped responding (i.e. broken/malicious\n hardware).\n\n (b) A process emulating a USB device using /dev/raw-gadget interface\n stopped responding for some reason.\n\n (c) New device probe requests keeps coming in before existing device\n probe requests complete.\n\nThe phenomenon syzbot is reporting is (b). A process which is holding\nsystem_transition_mutex and misc_mtx is waiting for probe_count to become\n0 inside wait_for_device_probe(), but the probe function which is called\n from hub_event() work function is waiting for the processes which are\nblocked at mutex_lock(\u0026misc_mtx) to respond via /dev/raw-gadget interface.\n\nThis patch mitigates (b) by deferring wait_for_device_probe() from\nsnapshot_open() to snapshot_write() and snapshot_ioctl(). Please note that\nthe possibility of (b) remains as long as any thread which is emulating a\nUSB device via /dev/raw-gadget interface can be blocked by uninterruptible\nblocking operations (e.g. mutex_lock()).\n\nPlease also note that (a) and (c) are not addressed. Regarding (c), we\nshould change the code to wait for only one device which contains the\nimage for resuming from hibernation. I don\u0027t know how to address (a), for\nuse of timeout for wait_for_device_probe() might result in loss of user\ndata in the image. Maybe we should require the userland to wait for the\nimage device before opening /dev/snapshot interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50202",
"url": "https://www.suse.com/security/cve/CVE-2022-50202"
},
{
"category": "external",
"summary": "SUSE Bug 1245154 for CVE-2022-50202",
"url": "https://bugzilla.suse.com/1245154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50202"
},
{
"cve": "CVE-2022-50203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50203"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: OMAP2+: display: Fix refcount leak bug\n\nIn omapdss_init_fbdev(), of_find_node_by_name() will return a node\npointer with refcount incremented. We should use of_node_put() when\nit is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50203",
"url": "https://www.suse.com/security/cve/CVE-2022-50203"
},
{
"category": "external",
"summary": "SUSE Bug 1245189 for CVE-2022-50203",
"url": "https://bugzilla.suse.com/1245189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50203"
},
{
"cve": "CVE-2022-50204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50204"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: OMAP2+: pdata-quirks: Fix refcount leak bug\n\nIn pdata_quirks_init_clocks(), the loop contains\nof_find_node_by_name() but without corresponding of_node_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50204",
"url": "https://www.suse.com/security/cve/CVE-2022-50204"
},
{
"category": "external",
"summary": "SUSE Bug 1245191 for CVE-2022-50204",
"url": "https://bugzilla.suse.com/1245191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50204"
},
{
"cve": "CVE-2022-50206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: fix oops in concurrently setting insn_emulation sysctls\n\nemulation_proc_handler() changes table-\u003edata for proc_dointvec_minmax\nand can generate the following Oops if called concurrently with itself:\n\n | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010\n | Internal error: Oops: 96000006 [#1] SMP\n | Call trace:\n | update_insn_emulation_mode+0xc0/0x148\n | emulation_proc_handler+0x64/0xb8\n | proc_sys_call_handler+0x9c/0xf8\n | proc_sys_write+0x18/0x20\n | __vfs_write+0x20/0x48\n | vfs_write+0xe4/0x1d0\n | ksys_write+0x70/0xf8\n | __arm64_sys_write+0x20/0x28\n | el0_svc_common.constprop.0+0x7c/0x1c0\n | el0_svc_handler+0x2c/0xa0\n | el0_svc+0x8/0x200\n\nTo fix this issue, keep the table-\u003edata as \u0026insn-\u003ecurrent_mode and\nuse container_of() to retrieve the insn pointer. Another mutex is\nused to protect against the current_mode update but not for retrieving\ninsn_emulation as table-\u003edata is no longer changing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50206",
"url": "https://www.suse.com/security/cve/CVE-2022-50206"
},
{
"category": "external",
"summary": "SUSE Bug 1245152 for CVE-2022-50206",
"url": "https://bugzilla.suse.com/1245152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50206"
},
{
"cve": "CVE-2022-50207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50207"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: bcm: Fix refcount leak in bcm_kona_smc_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50207",
"url": "https://www.suse.com/security/cve/CVE-2022-50207"
},
{
"category": "external",
"summary": "SUSE Bug 1244871 for CVE-2022-50207",
"url": "https://bugzilla.suse.com/1244871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50207"
},
{
"cve": "CVE-2022-50208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: amlogic: Fix refcount leak in meson-secure-pwrc.c\n\nIn meson_secure_pwrc_probe(), there is a refcount leak in one fail\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50208",
"url": "https://www.suse.com/security/cve/CVE-2022-50208"
},
{
"category": "external",
"summary": "SUSE Bug 1244870 for CVE-2022-50208",
"url": "https://bugzilla.suse.com/1244870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50208"
},
{
"cve": "CVE-2022-50209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmeson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init\n\nof_find_matching_node() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50209",
"url": "https://www.suse.com/security/cve/CVE-2022-50209"
},
{
"category": "external",
"summary": "SUSE Bug 1244868 for CVE-2022-50209",
"url": "https://bugzilla.suse.com/1244868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50209"
},
{
"cve": "CVE-2022-50211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50211"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd-raid10: fix KASAN warning\n\nThere\u0027s a KASAN warning in raid10_remove_disk when running the lvm\ntest lvconvert-raid-reshape.sh. We fix this warning by verifying that the\nvalue \"number\" is valid.\n\nBUG: KASAN: slab-out-of-bounds in raid10_remove_disk+0x61/0x2a0 [raid10]\nRead of size 8 at addr ffff889108f3d300 by task mdX_raid10/124682\n\nCPU: 3 PID: 124682 Comm: mdX_raid10 Not tainted 5.19.0-rc6 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x34/0x44\n print_report.cold+0x45/0x57a\n ? __lock_text_start+0x18/0x18\n ? raid10_remove_disk+0x61/0x2a0 [raid10]\n kasan_report+0xa8/0xe0\n ? raid10_remove_disk+0x61/0x2a0 [raid10]\n raid10_remove_disk+0x61/0x2a0 [raid10]\nBuffer I/O error on dev dm-76, logical block 15344, async page read\n ? __mutex_unlock_slowpath.constprop.0+0x1e0/0x1e0\n remove_and_add_spares+0x367/0x8a0 [md_mod]\n ? super_written+0x1c0/0x1c0 [md_mod]\n ? mutex_trylock+0xac/0x120\n ? _raw_spin_lock+0x72/0xc0\n ? _raw_spin_lock_bh+0xc0/0xc0\n md_check_recovery+0x848/0x960 [md_mod]\n raid10d+0xcf/0x3360 [raid10]\n ? sched_clock_cpu+0x185/0x1a0\n ? rb_erase+0x4d4/0x620\n ? var_wake_function+0xe0/0xe0\n ? psi_group_change+0x411/0x500\n ? preempt_count_sub+0xf/0xc0\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? __lock_text_start+0x18/0x18\n ? raid10_sync_request+0x36c0/0x36c0 [raid10]\n ? preempt_count_sub+0xf/0xc0\n ? _raw_spin_unlock_irqrestore+0x19/0x40\n ? del_timer_sync+0xa9/0x100\n ? try_to_del_timer_sync+0xc0/0xc0\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? __lock_text_start+0x18/0x18\n ? _raw_spin_unlock_irq+0x11/0x24\n ? __list_del_entry_valid+0x68/0xa0\n ? finish_wait+0xa3/0x100\n md_thread+0x161/0x260 [md_mod]\n ? unregister_md_personality+0xa0/0xa0 [md_mod]\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? prepare_to_wait_event+0x2c0/0x2c0\n ? unregister_md_personality+0xa0/0xa0 [md_mod]\n kthread+0x148/0x180\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e\n\nAllocated by task 124495:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0x80/0xa0\n setup_conf+0x140/0x5c0 [raid10]\n raid10_run+0x4cd/0x740 [raid10]\n md_run+0x6f9/0x1300 [md_mod]\n raid_ctr+0x2531/0x4ac0 [dm_raid]\n dm_table_add_target+0x2b0/0x620 [dm_mod]\n table_load+0x1c8/0x400 [dm_mod]\n ctl_ioctl+0x29e/0x560 [dm_mod]\n dm_compat_ctl_ioctl+0x7/0x20 [dm_mod]\n __do_compat_sys_ioctl+0xfa/0x160\n do_syscall_64+0x90/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nLast potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0x9e/0xc0\n kvfree_call_rcu+0x84/0x480\n timerfd_release+0x82/0x140\nL __fput+0xfa/0x400\n task_work_run+0x80/0xc0\n exit_to_user_mode_prepare+0x155/0x160\n syscall_exit_to_user_mode+0x12/0x40\n do_syscall_64+0x42/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0x9e/0xc0\n kvfree_call_rcu+0x84/0x480\n timerfd_release+0x82/0x140\n __fput+0xfa/0x400\n task_work_run+0x80/0xc0\n exit_to_user_mode_prepare+0x155/0x160\n syscall_exit_to_user_mode+0x12/0x40\n do_syscall_64+0x42/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe buggy address belongs to the object at ffff889108f3d200\n which belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 0 bytes to the right of\n 256-byte region [ffff889108f3d200, ffff889108f3d300)\n\nThe buggy address belongs to the physical page:\npage:000000007ef2a34c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1108f3c\nhead:000000007ef2a34c order:2 compound_mapcount:0 compound_pincount:0\nflags: 0x4000000000010200(slab|head|zone=2)\nraw: 4000000000010200 0000000000000000 dead000000000001 ffff889100042b40\nraw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff889108f3d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff889108f3d280: 00 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50211",
"url": "https://www.suse.com/security/cve/CVE-2022-50211"
},
{
"category": "external",
"summary": "SUSE Bug 1245140 for CVE-2022-50211",
"url": "https://bugzilla.suse.com/1245140"
},
{
"category": "external",
"summary": "SUSE Bug 1245141 for CVE-2022-50211",
"url": "https://bugzilla.suse.com/1245141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2022-50211"
},
{
"cve": "CVE-2022-50212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not allow CHAIN_ID to refer to another table\n\nWhen doing lookups for chains on the same batch by using its ID, a chain\nfrom a different table can be used. If a rule is added to a table but\nrefers to a chain in a different table, it will be linked to the chain in\ntable2, but would have expressions referring to objects in table1.\n\nThen, when table1 is removed, the rule will not be removed as its linked to\na chain in table2. When expressions in the rule are processed or removed,\nthat will lead to a use-after-free.\n\nWhen looking for chains by ID, use the table that was used for the lookup\nby name, and only return chains belonging to that same table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50212",
"url": "https://www.suse.com/security/cve/CVE-2022-50212"
},
{
"category": "external",
"summary": "SUSE Bug 1244869 for CVE-2022-50212",
"url": "https://bugzilla.suse.com/1244869"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50212"
},
{
"cve": "CVE-2022-50213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50213"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not allow SET_ID to refer to another table\n\nWhen doing lookups for sets on the same batch by using its ID, a set from a\ndifferent table can be used.\n\nThen, when the table is removed, a reference to the set may be kept after\nthe set is freed, leading to a potential use-after-free.\n\nWhen looking for sets by ID, use the table that was used for the lookup by\nname, and only return sets belonging to that same table.\n\nThis fixes CVE-2022-2586, also reported as ZDI-CAN-17470.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50213",
"url": "https://www.suse.com/security/cve/CVE-2022-50213"
},
{
"category": "external",
"summary": "SUSE Bug 1244867 for CVE-2022-50213",
"url": "https://bugzilla.suse.com/1244867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50213"
},
{
"cve": "CVE-2022-50215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50215"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Allow waiting for commands to complete on removed device\n\nWhen a SCSI device is removed while in active use, currently sg will\nimmediately return -ENODEV on any attempt to wait for active commands that\nwere sent before the removal. This is problematic for commands that use\nSG_FLAG_DIRECT_IO since the data buffer may still be in use by the kernel\nwhen userspace frees or reuses it after getting ENODEV, leading to\ncorrupted userspace memory (in the case of READ-type commands) or corrupted\ndata being sent to the device (in the case of WRITE-type commands). This\nhas been seen in practice when logging out of a iscsi_tcp session, where\nthe iSCSI driver may still be processing commands after the device has been\nmarked for removal.\n\nChange the policy to allow userspace to wait for active sg commands even\nwhen the device is being removed. Return -ENODEV only when there are no\nmore responses to read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50215",
"url": "https://www.suse.com/security/cve/CVE-2022-50215"
},
{
"category": "external",
"summary": "SUSE Bug 1245138 for CVE-2022-50215",
"url": "https://bugzilla.suse.com/1245138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50215"
},
{
"cve": "CVE-2022-50218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50218"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: isl29028: Fix the warning in isl29028_remove()\n\nThe driver use the non-managed form of the register function in\nisl29028_remove(). To keep the release order as mirroring the ordering\nin probe, the driver should use non-managed form in probe, too.\n\nThe following log reveals it:\n\n[ 32.374955] isl29028 0-0010: remove\n[ 32.376861] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 32.377676] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 32.379432] RIP: 0010:kernfs_find_and_get_ns+0x28/0xe0\n[ 32.385461] Call Trace:\n[ 32.385807] sysfs_unmerge_group+0x59/0x110\n[ 32.386110] dpm_sysfs_remove+0x58/0xc0\n[ 32.386391] device_del+0x296/0xe50\n[ 32.386959] cdev_device_del+0x1d/0xd0\n[ 32.387231] devm_iio_device_unreg+0x27/0xb0\n[ 32.387542] devres_release_group+0x319/0x3d0\n[ 32.388162] i2c_device_remove+0x93/0x1f0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50218",
"url": "https://www.suse.com/security/cve/CVE-2022-50218"
},
{
"category": "external",
"summary": "SUSE Bug 1244861 for CVE-2022-50218",
"url": "https://bugzilla.suse.com/1244861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50218"
},
{
"cve": "CVE-2022-50220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50220"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: Fix linkwatch use-after-free on disconnect\n\nusbnet uses the work usbnet_deferred_kevent() to perform tasks which may\nsleep. On disconnect, completion of the work was originally awaited in\n-\u003endo_stop(). But in 2003, that was moved to -\u003edisconnect() by historic\ncommit \"[PATCH] USB: usbnet, prevent exotic rtnl deadlock\":\n\n https://git.kernel.org/tglx/history/c/0f138bbfd83c\n\nThe change was made because back then, the kernel\u0027s workqueue\nimplementation did not allow waiting for a single work. One had to wait\nfor completion of *all* work by calling flush_scheduled_work(), and that\ncould deadlock when waiting for usbnet_deferred_kevent() with rtnl_mutex\nheld in -\u003endo_stop().\n\nThe commit solved one problem but created another: It causes a\nuse-after-free in USB Ethernet drivers aqc111.c, asix_devices.c,\nax88179_178a.c, ch9200.c and smsc75xx.c:\n\n* If the drivers receive a link change interrupt immediately before\n disconnect, they raise EVENT_LINK_RESET in their (non-sleepable)\n -\u003estatus() callback and schedule usbnet_deferred_kevent().\n* usbnet_deferred_kevent() invokes the driver\u0027s -\u003elink_reset() callback,\n which calls netif_carrier_{on,off}().\n* That in turn schedules the work linkwatch_event().\n\nBecause usbnet_deferred_kevent() is awaited after unregister_netdev(),\nnetif_carrier_{on,off}() may operate on an unregistered netdev and\nlinkwatch_event() may run after free_netdev(), causing a use-after-free.\n\nIn 2010, usbnet was changed to only wait for a single instance of\nusbnet_deferred_kevent() instead of *all* work by commit 23f333a2bfaf\n(\"drivers/net: don\u0027t use flush_scheduled_work()\").\n\nUnfortunately the commit neglected to move the wait back to\n-\u003endo_stop(). Rectify that omission at long last.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50220",
"url": "https://www.suse.com/security/cve/CVE-2022-50220"
},
{
"category": "external",
"summary": "SUSE Bug 1245348 for CVE-2022-50220",
"url": "https://bugzilla.suse.com/1245348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50220"
},
{
"cve": "CVE-2022-50222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50222"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vt: initialize unicode screen buffer\n\nsyzbot reports kernel infoleak at vcs_read() [1], for buffer can be read\nimmediately after resize operation. Initialize buffer using kzalloc().\n\n ----------\n #include \u003cfcntl.h\u003e\n #include \u003cunistd.h\u003e\n #include \u003csys/ioctl.h\u003e\n #include \u003clinux/fb.h\u003e\n\n int main(int argc, char *argv[])\n {\n struct fb_var_screeninfo var = { };\n const int fb_fd = open(\"/dev/fb0\", 3);\n ioctl(fb_fd, FBIOGET_VSCREENINFO, \u0026var);\n var.yres = 0x21;\n ioctl(fb_fd, FBIOPUT_VSCREENINFO, \u0026var);\n return read(open(\"/dev/vcsu\", O_RDONLY), \u0026var, sizeof(var)) == -1;\n }\n ----------",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50222",
"url": "https://www.suse.com/security/cve/CVE-2022-50222"
},
{
"category": "external",
"summary": "SUSE Bug 1245136 for CVE-2022-50222",
"url": "https://bugzilla.suse.com/1245136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50222"
},
{
"cve": "CVE-2022-50226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak\n\nFor some sev ioctl interfaces, input may be passed that is less than or\nequal to SEV_FW_BLOB_MAX_SIZE, but larger than the data that PSP\nfirmware returns. In this case, kmalloc will allocate memory that is the\nsize of the input rather than the size of the data. Since PSP firmware\ndoesn\u0027t fully overwrite the buffer, the sev ioctl interfaces with the\nissue may return uninitialized slab memory.\n\nCurrently, all of the ioctl interfaces in the ccp driver are safe, but\nto prevent future problems, change all ioctl interfaces that allocate\nmemory with kmalloc to use kzalloc and memset the data buffer to zero\nin sev_ioctl_do_platform_status.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50226",
"url": "https://www.suse.com/security/cve/CVE-2022-50226"
},
{
"category": "external",
"summary": "SUSE Bug 1244860 for CVE-2022-50226",
"url": "https://bugzilla.suse.com/1244860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50226"
},
{
"cve": "CVE-2022-50228",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50228"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Don\u0027t BUG if userspace injects an interrupt with GIF=0\n\nDon\u0027t BUG/WARN on interrupt injection due to GIF being cleared,\nsince it\u0027s trivial for userspace to force the situation via\nKVM_SET_VCPU_EVENTS (even if having at least a WARN there would be correct\nfor KVM internally generated injections).\n\n kernel BUG at arch/x86/kvm/svm/svm.c:3386!\n invalid opcode: 0000 [#1] SMP\n CPU: 15 PID: 926 Comm: smm_test Not tainted 5.17.0-rc3+ #264\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:svm_inject_irq+0xab/0xb0 [kvm_amd]\n Code: \u003c0f\u003e 0b 0f 1f 00 0f 1f 44 00 00 80 3d ac b3 01 00 00 55 48 89 f5 53\n RSP: 0018:ffffc90000b37d88 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff88810a234ac0 RCX: 0000000000000006\n RDX: 0000000000000000 RSI: ffffc90000b37df7 RDI: ffff88810a234ac0\n RBP: ffffc90000b37df7 R08: ffff88810a1fa410 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff888109571000 R14: ffff88810a234ac0 R15: 0000000000000000\n FS: 0000000001821380(0000) GS:ffff88846fdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f74fc550008 CR3: 000000010a6fe000 CR4: 0000000000350ea0\n Call Trace:\n \u003cTASK\u003e\n inject_pending_event+0x2f7/0x4c0 [kvm]\n kvm_arch_vcpu_ioctl_run+0x791/0x17a0 [kvm]\n kvm_vcpu_ioctl+0x26d/0x650 [kvm]\n __x64_sys_ioctl+0x82/0xb0\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50228",
"url": "https://www.suse.com/security/cve/CVE-2022-50228"
},
{
"category": "external",
"summary": "SUSE Bug 1244854 for CVE-2022-50228",
"url": "https://bugzilla.suse.com/1244854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50228"
},
{
"cve": "CVE-2022-50229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: bcd2000: Fix a UAF bug on the error path of probing\n\nWhen the driver fails in snd_card_register() at probe time, it will free\nthe \u0027bcd2k-\u003emidi_out_urb\u0027 before killing it, which may cause a UAF bug.\n\nThe following log can reveal it:\n\n[ 50.727020] BUG: KASAN: use-after-free in bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n[ 50.727623] Read of size 8 at addr ffff88810fab0e88 by task swapper/4/0\n[ 50.729530] Call Trace:\n[ 50.732899] bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n\nFix this by adding usb_kill_urb() before usb_free_urb().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50229",
"url": "https://www.suse.com/security/cve/CVE-2022-50229"
},
{
"category": "external",
"summary": "SUSE Bug 1244856 for CVE-2022-50229",
"url": "https://bugzilla.suse.com/1244856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50229"
},
{
"cve": "CVE-2022-50231",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50231"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: arm64/poly1305 - fix a read out-of-bound\n\nA kasan error was reported during fuzzing:\n\nBUG: KASAN: slab-out-of-bounds in neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon]\nRead of size 4 at addr ffff0010e293f010 by task syz-executor.5/1646715\nCPU: 4 PID: 1646715 Comm: syz-executor.5 Kdump: loaded Not tainted 5.10.0.aarch64 #1\nHardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.59 01/31/2019\nCall trace:\n dump_backtrace+0x0/0x394\n show_stack+0x34/0x4c arch/arm64/kernel/stacktrace.c:196\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x158/0x1e4 lib/dump_stack.c:118\n print_address_description.constprop.0+0x68/0x204 mm/kasan/report.c:387\n __kasan_report+0xe0/0x140 mm/kasan/report.c:547\n kasan_report+0x44/0xe0 mm/kasan/report.c:564\n check_memory_region_inline mm/kasan/generic.c:187 [inline]\n __asan_load4+0x94/0xd0 mm/kasan/generic.c:252\n neon_poly1305_blocks.constprop.0+0x1b4/0x250 [poly1305_neon]\n neon_poly1305_do_update+0x6c/0x15c [poly1305_neon]\n neon_poly1305_update+0x9c/0x1c4 [poly1305_neon]\n crypto_shash_update crypto/shash.c:131 [inline]\n shash_finup_unaligned+0x84/0x15c crypto/shash.c:179\n crypto_shash_finup+0x8c/0x140 crypto/shash.c:193\n shash_digest_unaligned+0xb8/0xe4 crypto/shash.c:201\n crypto_shash_digest+0xa4/0xfc crypto/shash.c:217\n crypto_shash_tfm_digest+0xb4/0x150 crypto/shash.c:229\n essiv_skcipher_setkey+0x164/0x200 [essiv]\n crypto_skcipher_setkey+0xb0/0x160 crypto/skcipher.c:612\n skcipher_setkey+0x3c/0x50 crypto/algif_skcipher.c:305\n alg_setkey+0x114/0x2a0 crypto/af_alg.c:220\n alg_setsockopt+0x19c/0x210 crypto/af_alg.c:253\n __sys_setsockopt+0x190/0x2e0 net/socket.c:2123\n __do_sys_setsockopt net/socket.c:2134 [inline]\n __se_sys_setsockopt net/socket.c:2131 [inline]\n __arm64_sys_setsockopt+0x78/0x94 net/socket.c:2131\n __invoke_syscall arch/arm64/kernel/syscall.c:36 [inline]\n invoke_syscall+0x64/0x100 arch/arm64/kernel/syscall.c:48\n el0_svc_common.constprop.0+0x220/0x230 arch/arm64/kernel/syscall.c:155\n do_el0_svc+0xb4/0xd4 arch/arm64/kernel/syscall.c:217\n el0_svc+0x24/0x3c arch/arm64/kernel/entry-common.c:353\n el0_sync_handler+0x160/0x164 arch/arm64/kernel/entry-common.c:369\n el0_sync+0x160/0x180 arch/arm64/kernel/entry.S:683\n\nThis error can be reproduced by the following code compiled as ko on a\nsystem with kasan enabled:\n\n#include \u003clinux/module.h\u003e\n#include \u003clinux/crypto.h\u003e\n#include \u003ccrypto/hash.h\u003e\n#include \u003ccrypto/poly1305.h\u003e\n\nchar test_data[] = \"\\x00\\x01\\x02\\x03\\x04\\x05\\x06\\x07\"\n \"\\x08\\x09\\x0a\\x0b\\x0c\\x0d\\x0e\\x0f\"\n \"\\x10\\x11\\x12\\x13\\x14\\x15\\x16\\x17\"\n \"\\x18\\x19\\x1a\\x1b\\x1c\\x1d\\x1e\";\n\nint init(void)\n{\n struct crypto_shash *tfm = NULL;\n char *data = NULL, *out = NULL;\n\n tfm = crypto_alloc_shash(\"poly1305\", 0, 0);\n data = kmalloc(POLY1305_KEY_SIZE - 1, GFP_KERNEL);\n out = kmalloc(POLY1305_DIGEST_SIZE, GFP_KERNEL);\n memcpy(data, test_data, POLY1305_KEY_SIZE - 1);\n crypto_shash_tfm_digest(tfm, data, POLY1305_KEY_SIZE - 1, out);\n\n kfree(data);\n kfree(out);\n return 0;\n}\n\nvoid deinit(void)\n{\n}\n\nmodule_init(init)\nmodule_exit(deinit)\nMODULE_LICENSE(\"GPL\");\n\nThe root cause of the bug sits in neon_poly1305_blocks. The logic\nneon_poly1305_blocks() performed is that if it was called with both s[]\nand r[] uninitialized, it will first try to initialize them with the\ndata from the first \"block\" that it believed to be 32 bytes in length.\nFirst 16 bytes are used as the key and the next 16 bytes for s[]. This\nwould lead to the aforementioned read out-of-bound. However, after\ncalling poly1305_init_arch(), only 16 bytes were deducted from the input\nand s[] is initialized yet again with the following 16 bytes. The second\ninitialization of s[] is certainly redundent which indicates that the\nfirst initialization should be for r[] only.\n\nThis patch fixes the issue by calling poly1305_init_arm64() instead o\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50231",
"url": "https://www.suse.com/security/cve/CVE-2022-50231"
},
{
"category": "external",
"summary": "SUSE Bug 1244853 for CVE-2022-50231",
"url": "https://bugzilla.suse.com/1244853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50231"
},
{
"cve": "CVE-2023-3111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3111"
}
],
"notes": [
{
"category": "general",
"text": "A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3111",
"url": "https://www.suse.com/security/cve/CVE-2023-3111"
},
{
"category": "external",
"summary": "SUSE Bug 1212051 for CVE-2023-3111",
"url": "https://bugzilla.suse.com/1212051"
},
{
"category": "external",
"summary": "SUSE Bug 1220015 for CVE-2023-3111",
"url": "https://bugzilla.suse.com/1220015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-3111"
},
{
"cve": "CVE-2023-52924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t skip expired elements during walk\n\nThere is an asymmetry between commit/abort and preparation phase if the\nfollowing conditions are met:\n\n1. set is a verdict map (\"1.2.3.4 : jump foo\")\n2. timeouts are enabled\n\nIn this case, following sequence is problematic:\n\n1. element E in set S refers to chain C\n2. userspace requests removal of set S\n3. kernel does a set walk to decrement chain-\u003euse count for all elements\n from preparation phase\n4. kernel does another set walk to remove elements from the commit phase\n (or another walk to do a chain-\u003euse increment for all elements from\n abort phase)\n\nIf E has already expired in 1), it will be ignored during list walk, so its use count\nwon\u0027t have been changed.\n\nThen, when set is culled, -\u003edestroy callback will zap the element via\nnf_tables_set_elem_destroy(), but this function is only safe for\nelements that have been deactivated earlier from the preparation phase:\nlack of earlier deactivate removes the element but leaks the chain use\ncount, which results in a WARN splat when the chain gets removed later,\nplus a leak of the nft_chain structure.\n\nUpdate pipapo_get() not to skip expired elements, otherwise flush\ncommand reports bogus ENOENT errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52924",
"url": "https://www.suse.com/security/cve/CVE-2023-52924"
},
{
"category": "external",
"summary": "SUSE Bug 1236821 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "external",
"summary": "SUSE Bug 1244630 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1244630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-52925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t fail inserts if duplicate has expired\n\nnftables selftests fail:\nrun-tests.sh testcases/sets/0044interval_overlap_0\nExpected: 0-2 . 0-3, got:\nW: [FAILED] ./testcases/sets/0044interval_overlap_0: got 1\n\nInsertion must ignore duplicate but expired entries.\n\nMoreover, there is a strange asymmetry in nft_pipapo_activate:\n\nIt refetches the current element, whereas the other -\u003eactivate callbacks\n(bitmap, hash, rhash, rbtree) use elem-\u003epriv.\nSame for .remove: other set implementations take elem-\u003epriv,\nnft_pipapo_remove fetches elem-\u003epriv, then does a relookup,\nremove this.\n\nI suspect this was the reason for the change that prompted the\nremoval of the expired check in pipapo_get() in the first place,\nbut skipping exired elements there makes no sense to me, this helper\nis used for normal get requests, insertions (duplicate check)\nand deactivate callback.\n\nIn first two cases expired elements must be skipped.\n\nFor -\u003edeactivate(), this gets called for DELSETELEM, so it\nseems to me that expired elements should be skipped as well, i.e.\ndelete request should fail with -ENOENT error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52925",
"url": "https://www.suse.com/security/cve/CVE-2023-52925"
},
{
"category": "external",
"summary": "SUSE Bug 1236822 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1236822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2023-52925"
},
{
"cve": "CVE-2023-53048",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53048"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: fix warning when handle discover_identity message\n\nSince both source and sink device can send discover_identity message in\nPD3, kernel may dump below warning:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 169 at drivers/usb/typec/tcpm/tcpm.c:1446 tcpm_queue_vdm+0xe0/0xf0\nModules linked in:\nCPU: 0 PID: 169 Comm: 1-0050 Not tainted 6.1.1-00038-g6a3c36cf1da2-dirty #567\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : tcpm_queue_vdm+0xe0/0xf0\nlr : tcpm_queue_vdm+0x2c/0xf0\nsp : ffff80000c19bcd0\nx29: ffff80000c19bcd0 x28: 0000000000000001 x27: ffff0000d11c8ab8\nx26: ffff0000d11cc000 x25: 0000000000000000 x24: 00000000ff008081\nx23: 0000000000000001 x22: 00000000ff00a081 x21: ffff80000c19bdbc\nx20: 0000000000000000 x19: ffff0000d11c8080 x18: ffffffffffffffff\nx17: 0000000000000000 x16: 0000000000000000 x15: ffff0000d716f580\nx14: 0000000000000001 x13: ffff0000d716f507 x12: 0000000000000001\nx11: 0000000000000000 x10: 0000000000000020 x9 : 00000000000ee098\nx8 : 00000000ffffffff x7 : 000000000000001c x6 : ffff0000d716f580\nx5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\nx2 : ffff80000c19bdbc x1 : 00000000ff00a081 x0 : 0000000000000004\nCall trace:\ntcpm_queue_vdm+0xe0/0xf0\ntcpm_pd_rx_handler+0x340/0x1ab0\nkthread_worker_fn+0xcc/0x18c\nkthread+0x10c/0x110\nret_from_fork+0x10/0x20\n---[ end trace 0000000000000000 ]---\n\nBelow sequences may trigger this warning:\n\ntcpm_send_discover_work(work)\n tcpm_send_vdm(port, USB_SID_PD, CMD_DISCOVER_IDENT, NULL, 0);\n tcpm_queue_vdm(port, header, data, count);\n port-\u003evdm_state = VDM_STATE_READY;\n\nvdm_state_machine_work(work);\n\t\t\t\u003c-- received discover_identity from partner\n vdm_run_state_machine(port);\n port-\u003evdm_state = VDM_STATE_SEND_MESSAGE;\n mod_vdm_delayed_work(port, x);\n\ntcpm_pd_rx_handler(work);\n tcpm_pd_data_request(port, msg);\n tcpm_handle_vdm_request(port, msg-\u003epayload, cnt);\n tcpm_queue_vdm(port, response[0], \u0026response[1], rlen - 1);\n--\u003e WARN_ON(port-\u003evdm_state \u003e VDM_STATE_DONE);\n\nFor this case, the state machine could still send out discover\nidentity message later if we skip current discover_identity message.\nSo we should handle the received message firstly and override the pending\ndiscover_identity message without warning in this case. Then, a delayed\nsend_discover work will send discover_identity message again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53048",
"url": "https://www.suse.com/security/cve/CVE-2023-53048"
},
{
"category": "external",
"summary": "SUSE Bug 1244179 for CVE-2023-53048",
"url": "https://bugzilla.suse.com/1244179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53048"
},
{
"cve": "CVE-2023-53076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53076"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53076",
"url": "https://www.suse.com/security/cve/CVE-2023-53076"
},
{
"category": "external",
"summary": "SUSE Bug 1242221 for CVE-2023-53076",
"url": "https://bugzilla.suse.com/1242221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53076"
},
{
"cve": "CVE-2023-53097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/iommu: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53097",
"url": "https://www.suse.com/security/cve/CVE-2023-53097"
},
{
"category": "external",
"summary": "SUSE Bug 1244114 for CVE-2023-53097",
"url": "https://bugzilla.suse.com/1244114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53097"
},
{
"cve": "CVE-2024-26808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain\n\nRemove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER\nevent is reported, otherwise a stale reference to netdevice remains in\nthe hook list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26808",
"url": "https://www.suse.com/security/cve/CVE-2024-26808"
},
{
"category": "external",
"summary": "SUSE Bug 1222634 for CVE-2024-26808",
"url": "https://bugzilla.suse.com/1222634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2024-26808"
},
{
"cve": "CVE-2024-26924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: do not free live element\n\nPablo reports a crash with large batches of elements with a\nback-to-back add/remove pattern. Quoting Pablo:\n\n add_elem(\"00000000\") timeout 100 ms\n ...\n add_elem(\"0000000X\") timeout 100 ms\n del_elem(\"0000000X\") \u003c---------------- delete one that was just added\n ...\n add_elem(\"00005000\") timeout 100 ms\n\n 1) nft_pipapo_remove() removes element 0000000X\n Then, KASAN shows a splat.\n\nLooking at the remove function there is a chance that we will drop a\nrule that maps to a non-deactivated element.\n\nRemoval happens in two steps, first we do a lookup for key k and return the\nto-be-removed element and mark it as inactive in the next generation.\nThen, in a second step, the element gets removed from the set/map.\n\nThe _remove function does not work correctly if we have more than one\nelement that share the same key.\n\nThis can happen if we insert an element into a set when the set already\nholds an element with same key, but the element mapping to the existing\nkey has timed out or is not active in the next generation.\n\nIn such case its possible that removal will unmap the wrong element.\nIf this happens, we will leak the non-deactivated element, it becomes\nunreachable.\n\nThe element that got deactivated (and will be freed later) will\nremain reachable in the set data structure, this can result in\na crash when such an element is retrieved during lookup (stale\npointer).\n\nAdd a check that the fully matching key does in fact map to the element\nthat we have marked as inactive in the deactivation step.\nIf not, we need to continue searching.\n\nAdd a bug/warn trap at the end of the function as well, the remove\nfunction must not ever be called with an invisible/unreachable/non-existent\nelement.\n\nv2: avoid uneeded temporary variable (Stefano)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26924",
"url": "https://www.suse.com/security/cve/CVE-2024-26924"
},
{
"category": "external",
"summary": "SUSE Bug 1223387 for CVE-2024-26924",
"url": "https://bugzilla.suse.com/1223387"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-26924"
},
{
"cve": "CVE-2024-26935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix unremoved procfs host directory regression\n\nCommit fc663711b944 (\"scsi: core: Remove the /proc/scsi/${proc_name}\ndirectory earlier\") fixed a bug related to modules loading/unloading, by\nadding a call to scsi_proc_hostdir_rm() on scsi_remove_host(). But that led\nto a potential duplicate call to the hostdir_rm() routine, since it\u0027s also\ncalled from scsi_host_dev_release(). That triggered a regression report,\nwhich was then fixed by commit be03df3d4bfe (\"scsi: core: Fix a procfs host\ndirectory removal regression\"). The fix just dropped the hostdir_rm() call\nfrom dev_release().\n\nBut it happens that this proc directory is created on scsi_host_alloc(),\nand that function \"pairs\" with scsi_host_dev_release(), while\nscsi_remove_host() pairs with scsi_add_host(). In other words, it seems the\nreason for removing the proc directory on dev_release() was meant to cover\ncases in which a SCSI host structure was allocated, but the call to\nscsi_add_host() didn\u0027t happen. And that pattern happens to exist in some\nerror paths, for example.\n\nSyzkaller causes that by using USB raw gadget device, error\u0027ing on\nusb-storage driver, at usb_stor_probe2(). By checking that path, we can see\nthat the BadDevice label leads to a scsi_host_put() after a SCSI host\nallocation, but there\u0027s no call to scsi_add_host() in such path. That leads\nto messages like this in dmesg (and a leak of the SCSI host proc\nstructure):\n\nusb-storage 4-1:87.51: USB Mass Storage device detected\nproc_dir_entry \u0027scsi/usb-storage\u0027 already registered\nWARNING: CPU: 1 PID: 3519 at fs/proc/generic.c:377 proc_register+0x347/0x4e0 fs/proc/generic.c:376\n\nThe proper fix seems to still call scsi_proc_hostdir_rm() on dev_release(),\nbut guard that with the state check for SHOST_CREATED; there is even a\ncomment in scsi_host_dev_release() detailing that: such conditional is\nmeant for cases where the SCSI host was allocated but there was no calls to\n{add,remove}_host(), like the usb-storage case.\n\nThis is what we propose here and with that, the error path of usb-storage\ndoes not trigger the warning anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26935",
"url": "https://www.suse.com/security/cve/CVE-2024-26935"
},
{
"category": "external",
"summary": "SUSE Bug 1223675 for CVE-2024-26935",
"url": "https://bugzilla.suse.com/1223675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "low"
}
],
"title": "CVE-2024-26935"
},
{
"cve": "CVE-2024-27397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27397"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: use timestamp to check for set element timeout\n\nAdd a timestamp field at the beginning of the transaction, store it\nin the nftables per-netns area.\n\nUpdate set backend .insert, .deactivate and sync gc path to use the\ntimestamp, this avoids that an element expires while control plane\ntransaction is still unfinished.\n\n.lookup and .update, which are used from packet path, still use the\ncurrent time to check if the element has expired. And .get path and dump\nalso since this runs lockless under rcu read size lock. Then, there is\nasync gc which also needs to check the current time since it runs\nasynchronously from a workqueue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27397",
"url": "https://www.suse.com/security/cve/CVE-2024-27397"
},
{
"category": "external",
"summary": "SUSE Bug 1224095 for CVE-2024-27397",
"url": "https://bugzilla.suse.com/1224095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-27397"
},
{
"cve": "CVE-2024-35840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35840",
"url": "https://www.suse.com/security/cve/CVE-2024-35840"
},
{
"category": "external",
"summary": "SUSE Bug 1224597 for CVE-2024-35840",
"url": "https://bugzilla.suse.com/1224597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-35840"
},
{
"cve": "CVE-2024-36978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sch_multiq: fix possible OOB write in multiq_tune()\n\nq-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic\nafter kmalloc. So the old q-\u003ebands should not be used in kmalloc.\nOtherwise, an out-of-bounds write will occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36978",
"url": "https://www.suse.com/security/cve/CVE-2024-36978"
},
{
"category": "external",
"summary": "SUSE Bug 1226514 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "external",
"summary": "SUSE Bug 1244631 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1244631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2024-36978"
},
{
"cve": "CVE-2024-46800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch/netem: fix use after free in netem_dequeue\n\nIf netem_dequeue() enqueues packet to inner qdisc and that qdisc\nreturns __NET_XMIT_STOLEN. The packet is dropped but\nqdisc_tree_reduce_backlog() is not called to update the parent\u0027s\nq.qlen, leading to the similar use-after-free as Commit\ne04991a48dbaf382 (\"netem: fix return value if duplicate enqueue\nfails\")\n\nCommands to trigger KASAN UaF:\n\nip link add type dummy\nip link set lo up\nip link set dummy0 up\ntc qdisc add dev lo parent root handle 1: drr\ntc filter add dev lo parent 1: basic classid 1:1\ntc class add dev lo classid 1:1 drr\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2: handle 3: drr\ntc filter add dev lo parent 3: basic classid 3:1 action mirred egress\nredirect dev dummy0\ntc class add dev lo classid 3:1 drr\nping -c1 -W0.01 localhost # Trigger bug\ntc class del dev lo classid 1:1\ntc class add dev lo classid 1:1 drr\nping -c1 -W0.01 localhost # UaF",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46800",
"url": "https://www.suse.com/security/cve/CVE-2024-46800"
},
{
"category": "external",
"summary": "SUSE Bug 1230827 for CVE-2024-46800",
"url": "https://bugzilla.suse.com/1230827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-46800"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: sync_linked_regs() must preserve subreg_def\n\nRange propagation must not affect subreg_def marks, otherwise the\nfollowing example is rewritten by verifier incorrectly when\nBPF_F_TEST_RND_HI32 flag is set:\n\n 0: call bpf_ktime_get_ns call bpf_ktime_get_ns\n 1: r0 \u0026= 0x7fffffff after verifier r0 \u0026= 0x7fffffff\n 2: w1 = w0 rewrites w1 = w0\n 3: if w0 \u003c 10 goto +0 --------------\u003e r11 = 0x2f5674a6 (r)\n 4: r1 \u003e\u003e= 32 r11 \u003c\u003c= 32 (r)\n 5: r0 = r1 r1 |= r11 (r)\n 6: exit; if w0 \u003c 0xa goto pc+0\n r1 \u003e\u003e= 32\n r0 = r1\n exit\n\n(or zero extension of w1 at (2) is missing for architectures that\n require zero extension for upper register half).\n\nThe following happens w/o this patch:\n- r0 is marked as not a subreg at (0);\n- w1 is marked as subreg at (2);\n- w1 subreg_def is overridden at (3) by copy_register_state();\n- w1 is read at (5) but mark_insn_zext() does not mark (2)\n for zero extension, because w1 subreg_def is not set;\n- because of BPF_F_TEST_RND_HI32 flag verifier inserts random\n value for hi32 bits of (2) (marked (r));\n- this random value is read at (5).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53125",
"url": "https://www.suse.com/security/cve/CVE-2024-53125"
},
{
"category": "external",
"summary": "SUSE Bug 1234156 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1234156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2024-53125"
},
{
"cve": "CVE-2024-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: add missing range check in bitmap_ip_uadt\n\nWhen tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,\nthe values of ip and ip_to are slightly swapped. Therefore, the range check\nfor ip should be done later, but this part is missing and it seems that the\nvulnerability occurs.\n\nSo we should add missing range checks and remove unnecessary range checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53141",
"url": "https://www.suse.com/security/cve/CVE-2024-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1234381 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1234381"
},
{
"category": "external",
"summary": "SUSE Bug 1245778 for CVE-2024-53141",
"url": "https://bugzilla.suse.com/1245778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2024-53141"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2025-21700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug \u003c=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann \u003cnnamrec@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21700",
"url": "https://www.suse.com/security/cve/CVE-2025-21700"
},
{
"category": "external",
"summary": "SUSE Bug 1237159 for CVE-2025-21700",
"url": "https://bugzilla.suse.com/1237159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-23141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses\n\nAcquire a lock on kvm-\u003esrcu when userspace is getting MP state to handle a\nrather extreme edge case where \"accepting\" APIC events, i.e. processing\npending INIT or SIPI, can trigger accesses to guest memory. If the vCPU\nis in L2 with INIT *and* a TRIPLE_FAULT request pending, then getting MP\nstate will trigger a nested VM-Exit by way of -\u003echeck_nested_events(), and\nemuating the nested VM-Exit can access guest memory.\n\nThe splat was originally hit by syzkaller on a Google-internal kernel, and\nreproduced on an upstream kernel by hacking the triple_fault_event_test\nselftest to stuff a pending INIT, store an MSR on VM-Exit (to generate a\nmemory access on VMX), and do vcpu_mp_state_get() to trigger the scenario.\n\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3-b112d356288b-vmx/pi_lockdep_false_pos-lock #3 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1058 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by triple_fault_ev/1256:\n #0: ffff88810df5a330 (\u0026vcpu-\u003emutex){+.+.}-{4:4}, at: kvm_vcpu_ioctl+0x8b/0x9a0 [kvm]\n\n stack backtrace:\n CPU: 11 UID: 1000 PID: 1256 Comm: triple_fault_ev Not tainted 6.14.0-rc3-b112d356288b-vmx #3\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x144/0x190\n kvm_vcpu_gfn_to_memslot+0x156/0x180 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n read_and_check_msr_entry+0x2e/0x180 [kvm_intel]\n __nested_vmx_vmexit+0x550/0xde0 [kvm_intel]\n kvm_check_nested_events+0x1b/0x30 [kvm]\n kvm_apic_accept_events+0x33/0x100 [kvm]\n kvm_arch_vcpu_ioctl_get_mpstate+0x30/0x1d0 [kvm]\n kvm_vcpu_ioctl+0x33e/0x9a0 [kvm]\n __x64_sys_ioctl+0x8b/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23141",
"url": "https://www.suse.com/security/cve/CVE-2025-23141"
},
{
"category": "external",
"summary": "SUSE Bug 1242782 for CVE-2025-23141",
"url": "https://bugzilla.suse.com/1242782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-23141"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc\n\nAs described in Gerrard\u0027s report [1], we have a UAF case when an hfsc class\nhas a netem child qdisc. The crux of the issue is that hfsc is assuming\nthat checking for cl-\u003eqdisc-\u003eq.qlen == 0 guarantees that it hasn\u0027t inserted\nthe class in the vttree or eltree (which is not true for the netem\nduplicate case).\n\nThis patch checks the n_active class variable to make sure that the code\nwon\u0027t insert the class in the vttree or eltree twice, catering for the\nreentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37890",
"url": "https://www.suse.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "SUSE Bug 1243330 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1243330"
},
{
"category": "external",
"summary": "SUSE Bug 1245791 for CVE-2025-37890",
"url": "https://bugzilla.suse.com/1245791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-37932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_qlen_notify() idempotent\n\nhtb_qlen_notify() always deactivates the HTB class and in fact could\ntrigger a warning if it is already deactivated. Therefore, it is not\nidempotent and not friendly to its callers, like fq_codel_dequeue().\n\nLet\u0027s make it idempotent to ease qdisc_tree_reduce_backlog() callers\u0027\nlife.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37932",
"url": "https://www.suse.com/security/cve/CVE-2025-37932"
},
{
"category": "external",
"summary": "SUSE Bug 1243627 for CVE-2025-37932",
"url": "https://bugzilla.suse.com/1243627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "low"
}
],
"title": "CVE-2025-37932"
},
{
"cve": "CVE-2025-37953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_htb: make htb_deactivate() idempotent\n\nAlan reported a NULL pointer dereference in htb_next_rb_node()\nafter we made htb_qlen_notify() idempotent.\n\nIt turns out in the following case it introduced some regression:\n\nhtb_dequeue_tree():\n |-\u003e fq_codel_dequeue()\n |-\u003e qdisc_tree_reduce_backlog()\n |-\u003e htb_qlen_notify()\n |-\u003e htb_deactivate()\n |-\u003e htb_next_rb_node()\n |-\u003e htb_deactivate()\n\nFor htb_next_rb_node(), after calling the 1st htb_deactivate(), the\nclprio[prio]-\u003eptr could be already set to NULL, which means\nhtb_next_rb_node() is vulnerable here.\n\nFor htb_deactivate(), although we checked qlen before calling it, in\ncase of qlen==0 after qdisc_tree_reduce_backlog(), we may call it again\nwhich triggers the warning inside.\n\nTo fix the issues here, we need to:\n\n1) Make htb_deactivate() idempotent, that is, simply return if we\n already call it before.\n2) Make htb_next_rb_node() safe against ptr==NULL.\n\nMany thanks to Alan for testing and for the reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37953",
"url": "https://www.suse.com/security/cve/CVE-2025-37953"
},
{
"category": "external",
"summary": "SUSE Bug 1243543 for CVE-2025-37953",
"url": "https://bugzilla.suse.com/1243543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37953"
},
{
"cve": "CVE-2025-37997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: fix region locking in hash types\n\nRegion locking introduced in v5.6-rc4 contained three macros to handle\nthe region locks: ahash_bucket_start(), ahash_bucket_end() which gave\nback the start and end hash bucket values belonging to a given region\nlock and ahash_region() which should give back the region lock belonging\nto a given hash bucket. The latter was incorrect which can lead to a\nrace condition between the garbage collector and adding new elements\nwhen a hash type of set is defined with timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37997",
"url": "https://www.suse.com/security/cve/CVE-2025-37997"
},
{
"category": "external",
"summary": "SUSE Bug 1243832 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1243832"
},
{
"category": "external",
"summary": "SUSE Bug 1245774 for CVE-2025-37997",
"url": "https://bugzilla.suse.com/1245774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37997"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Address reentrant enqueue adding class to eltree twice\n\nSavino says:\n \"We are writing to report that this recent patch\n (141d34391abbb315d68556b7c67ad97885407547) [1]\n can be bypassed, and a UAF can still occur when HFSC is utilized with\n NETEM.\n\n The patch only checks the cl-\u003ecl_nactive field to determine whether\n it is the first insertion or not [2], but this field is only\n incremented by init_vf [3].\n\n By using HFSC_RSC (which uses init_ed) [4], it is possible to bypass the\n check and insert the class twice in the eltree.\n Under normal conditions, this would lead to an infinite loop in\n hfsc_dequeue for the reasons we already explained in this report [5].\n\n However, if TBF is added as root qdisc and it is configured with a\n very low rate,\n it can be utilized to prevent packets from being dequeued.\n This behavior can be exploited to perform subsequent insertions in the\n HFSC eltree and cause a UAF.\"\n\nTo fix both the UAF and the infinite loop, with netem as an hfsc child,\ncheck explicitly in hfsc_enqueue whether the class is already in the eltree\nwhenever the HFSC_RSC flag is set.\n\n[1] https://web.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=141d34391abbb315d68556b7c67ad97885407547\n[2] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1572\n[3] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L677\n[4] https://elixir.bootlin.com/linux/v6.15-rc5/source/net/sched/sch_hfsc.c#L1574\n[5] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/T/#u",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38001",
"url": "https://www.suse.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "SUSE Bug 1244234 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244234"
},
{
"category": "external",
"summary": "SUSE Bug 1244235 for CVE-2025-38001",
"url": "https://bugzilla.suse.com/1244235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-38001"
},
{
"cve": "CVE-2025-38014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Refactor remove call with idxd_cleanup() helper\n\nThe idxd_cleanup() helper cleans up perfmon, interrupts, internals and\nso on. Refactor remove call with the idxd_cleanup() helper to avoid code\nduplication. Note, this also fixes the missing put_device() for idxd\ngroups, enginces and wqs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38014",
"url": "https://www.suse.com/security/cve/CVE-2025-38014"
},
{
"category": "external",
"summary": "SUSE Bug 1244732 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244732"
},
{
"category": "external",
"summary": "SUSE Bug 1244733 for CVE-2025-38014",
"url": "https://bugzilla.suse.com/1244733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-38014"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.3:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:kernel-source-rt-5.14.21-150400.15.124.1.noarch",
"SUSE Linux Enterprise Micro 5.4:kernel-rt-5.14.21-150400.15.124.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:kernel-source-rt-5.14.21-150400.15.124.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T14:31:46Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
}
]
}
suse-su-2025:20611-1
Vulnerability from csaf_suse
Published
2025-08-25 12:16
Modified
2025-08-25 12:16
Summary
Security update for kernel-livepatch-MICRO-6-0_Update_4
Notes
Title of the patch
Security update for kernel-livepatch-MICRO-6-0_Update_4
Description of the patch
This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797)
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)
Patchnames
SUSE-SLE-Micro-6.1-kernel-75
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kernel-livepatch-MICRO-6-0_Update_4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues:\n\n- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250)\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776)\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793)\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797)\n- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-75",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20611-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20611-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520611-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20611-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041450.html"
},
{
"category": "self",
"summary": "SUSE Bug 1235250",
"url": "https://bugzilla.suse.com/1235250"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE Bug 1245804",
"url": "https://bugzilla.suse.com/1245804"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56664 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
}
],
"title": "Security update for kernel-livepatch-MICRO-6-0_Update_4",
"tracking": {
"current_release_date": "2025-08-25T12:16:43Z",
"generator": {
"date": "2025-08-25T12:16:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20611-1",
"initial_release_date": "2025-08-25T12:16:43Z",
"revision_history": [
{
"date": "2025-08-25T12:16:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"product_id": "kernel-livepatch-6_4_0-24-default-7-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-24-default-7-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-24-default-7-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-24-default-7-1.2.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-24-default-7-1.2.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-24-default-7-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: sync_linked_regs() must preserve subreg_def\n\nRange propagation must not affect subreg_def marks, otherwise the\nfollowing example is rewritten by verifier incorrectly when\nBPF_F_TEST_RND_HI32 flag is set:\n\n 0: call bpf_ktime_get_ns call bpf_ktime_get_ns\n 1: r0 \u0026= 0x7fffffff after verifier r0 \u0026= 0x7fffffff\n 2: w1 = w0 rewrites w1 = w0\n 3: if w0 \u003c 10 goto +0 --------------\u003e r11 = 0x2f5674a6 (r)\n 4: r1 \u003e\u003e= 32 r11 \u003c\u003c= 32 (r)\n 5: r0 = r1 r1 |= r11 (r)\n 6: exit; if w0 \u003c 0xa goto pc+0\n r1 \u003e\u003e= 32\n r0 = r1\n exit\n\n(or zero extension of w1 at (2) is missing for architectures that\n require zero extension for upper register half).\n\nThe following happens w/o this patch:\n- r0 is marked as not a subreg at (0);\n- w1 is marked as subreg at (2);\n- w1 subreg_def is overridden at (3) by copy_register_state();\n- w1 is read at (5) but mark_insn_zext() does not mark (2)\n for zero extension, because w1 subreg_def is not set;\n- because of BPF_F_TEST_RND_HI32 flag verifier inserts random\n value for hi32 bits of (2) (marked (r));\n- this random value is read at (5).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53125",
"url": "https://www.suse.com/security/cve/CVE-2024-53125"
},
{
"category": "external",
"summary": "SUSE Bug 1234156 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1234156"
},
{
"category": "external",
"summary": "SUSE Bug 1245804 for CVE-2024-53125",
"url": "https://bugzilla.suse.com/1245804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:16:43Z",
"details": "important"
}
],
"title": "CVE-2024-53125"
},
{
"cve": "CVE-2024-56664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket\u0027s close() link popping \u0026 unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(\u0026stab-\u003elock)\n osk = stab-\u003esks[idx]\n sock_map_add_link(..., \u0026stab-\u003esks[idx])\n sock_map_unref(osk, \u0026stab-\u003esks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(\u0026psock))\n sk_psock_drop(sk, psock)\n spin_unlock(\u0026stab-\u003elock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(\u0026stab-\u003elock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(\u0026stab-\u003elock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56664",
"url": "https://www.suse.com/security/cve/CVE-2024-56664"
},
{
"category": "external",
"summary": "SUSE Bug 1235249 for CVE-2024-56664",
"url": "https://bugzilla.suse.com/1235249"
},
{
"category": "external",
"summary": "SUSE Bug 1235250 for CVE-2024-56664",
"url": "https://bugzilla.suse.com/1235250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:16:43Z",
"details": "important"
}
],
"title": "CVE-2024-56664"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:16:43Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:16:43Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-7-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T12:16:43Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
}
]
}
suse-su-2025:01983-1
Vulnerability from csaf_suse
Published
2025-06-17 15:32
Modified
2025-06-17 15:32
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47670: can: peak_usb: fix use after free bugs (bsc#1241407).
- CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032).
- CVE-2022-49145: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (bsc#1238162).
- CVE-2022-49168: btrfs: do not clean up repair bio if submit fails (bsc#1238109).
- CVE-2022-49190: kernel/resource: fix kfree() of bootmem memory again (bsc#1238130).
- CVE-2022-49212: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (bsc#1238331).
- CVE-2022-49216: drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (bsc#1238338).
- CVE-2022-49235: ath9k_htc: fix uninit value bugs (bsc#1238333).
- CVE-2022-49248: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (bsc#1238284).
- CVE-2022-49253: media: usb: go7007: s2250-board: fix leak in probe() (bsc#1238420).
- CVE-2022-49320: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (bsc#1238394).
- CVE-2022-49326: rtl818x: Prevent using not initialized queues (bsc#1238646).
- CVE-2022-49371: driver core: fix deadlock in __device_attach (bsc#1238546).
- CVE-2022-49382: soc: rockchip: Fix refcount leak in rockchip_grf_init (bsc#1238306).
- CVE-2022-49396: phy: qcom-qmp: fix reset-controller leak on probe errors (bsc#1238289).
- CVE-2022-49420: net: annotate races around sk->sk_bound_dev_if (bsc#1238887).
- CVE-2022-49441: tty: fix deadlock caused by calling printk() under tty_port->lock (bsc#1238263).
- CVE-2022-49445: pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() (bsc#1238019).
- CVE-2022-49460: PM / devfreq: rk3399_dmc: Disable edev on remove() (bsc#1238892).
- CVE-2022-49467: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (bsc#1238815).
- CVE-2022-49474: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (bsc#1238071).
- CVE-2022-49491: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (bsc#1238539).
- CVE-2022-49503: ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (bsc#1238868).
- CVE-2022-49592: net: stmmac: fix dma queue left shift overflow issue (bsc#1238311).
- CVE-2022-49625: sfc: fix kernel panic when creating VF (bsc#1238411).
- CVE-2022-49635: drm/i915/selftests: fix subtraction overflow bug (bsc#1238806).
- CVE-2022-49652: dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (bsc#1238871).
- CVE-2022-49715: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (bsc#1238818).
- CVE-2022-49728: kABI workaround for changeing the variable length type to size_t (bsc#1239111).
- CVE-2022-49729: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (bsc#1239060).
- CVE-2022-49751: w1: fix WARNING after calling w1_process() (bsc#1240254).
- CVE-2022-49761: btrfs: always report error in run_one_delayed_ref() (bsc#1240261).
- CVE-2022-49772: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() (bsc#1242147).
- CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple times (bsc#1242245).
- CVE-2022-49776: macvlan: enforce a consistent minimal mtu (bsc#1242248).
- CVE-2022-49787: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() (bsc#1242352).
- CVE-2022-49788: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (bsc#1242353).
- CVE-2022-49813: net: ena: Fix error handling in ena_init() (bsc#1242497).
- CVE-2022-49821: mISDN: fix possible memory leak in mISDN_dsp_element_register() (bsc#1242542).
- CVE-2022-49826: ata: libata-transport: fix double ata_host_put() in ata_tport_add() (bsc#1242549).
- CVE-2022-49829: drm/scheduler: fix fence ref counting (bsc#1242691).
- CVE-2022-49832: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map (bsc#1242154).
- CVE-2022-49835: ALSA: hda: fix potential memleak in 'add_widget_node' (bsc#1242385).
- CVE-2022-49840: bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() (bsc#1242447).
- CVE-2022-49842: ASoC: soc-utils: Remove __exit for snd_soc_util_exit() (bsc#1242484).
- CVE-2022-49853: net: macvlan: fix memory leaks of macvlan_common_newlink (bsc#1242688).
- CVE-2022-49861: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() (bsc#1242580).
- CVE-2022-49862: tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header (bsc#1242755).
- CVE-2022-49865: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network (bsc#1242570).
- CVE-2022-49871: net: tun: call napi_schedule_prep() to ensure we own a napi (bsc#1242558).
- CVE-2022-49872: net: gso: fix panic on frag_list with mixed head alloc types (bsc#1242594).
- CVE-2022-49874: HID: hyperv: fix possible memory leak in mousevsc_probe() (bsc#1242478).
- CVE-2022-49898: btrfs: fix tree mod log mishandling of reallocated nodes (bsc#1242472).
- CVE-2022-49907: net: mdio: fix undefined behavior in bit shift for __mdiobus_register (bsc#1242450).
- CVE-2022-49913: btrfs: fix inode list leak during backref walking at find_parent_nodes() (bsc#1242470).
- CVE-2022-49914: btrfs: fix inode list leak during backref walking at resolve_indirect_refs() (bsc#1242427).
- CVE-2022-49922: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() (bsc#1242378).
- CVE-2022-49923: nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() (bsc#1242394).
- CVE-2022-49924: nfc: fdp: Fix potential memory leak in fdp_nci_send() (bsc#1242426).
- CVE-2022-49925: RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (bsc#1242371).
- CVE-2022-49931: IB/hfi1: Correctly move list in sc_disable() (bsc#1242382).
- CVE-2023-52868: thermal: core: prevent potential string overflow (bsc#1225044).
- CVE-2023-52975: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (bsc#1240322).
- CVE-2023-52988: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() (bsc#1240293).
- CVE-2023-52989: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region (bsc#1240266).
- CVE-2023-52993: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (bsc#1240297).
- CVE-2023-53039: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function (bsc#1242745).
- CVE-2023-53045: usb: gadget: u_audio: do not let userspace block driver unbind (bsc#1242756).
- CVE-2023-53066: qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (bsc#1242227).
- CVE-2023-53079: net/mlx5: Fix steering rules cleanup (bsc#1242765).
- CVE-2023-53080: xsk: Add missing overflow check in xdp_umem_reg (bsc#1242287).
- CVE-2023-53094: tty: serial: fsl_lpuart: fix race on RX DMA shutdown (bsc#1242288).
- CVE-2023-53103: bonding: Fix memory leak when changing bond type to Ethernet (bsc#1242408).
- CVE-2023-53114: i40e: Fix kernel crash during reboot when adapter is in recovery mode (bsc#1242398).
- CVE-2023-53139: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties (bsc#1242361).
- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).
- CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).
- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
- CVE-2024-50106: nfsd: fix race between laundromat and free_stateid() (bsc#1232882).
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1234887).
- CVE-2024-56779: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (bsc#1235632).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21704: usb: cdc-acm: Check control transfer buffer size before access (bsc#1237571).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22027: media: streamzap: fix race between device disconnection and urb callback (bsc#1241369).
- CVE-2025-22050: usbnet:fix NPE during rx_complete (bsc#1241441).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-23136: thermal: int340x: Add NULL check for adev (bsc#1241357).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23161: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (bsc#1242792).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37782: hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (bsc#1242770).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37794: wifi: mac80211: Purge vif txq in ieee80211_do_stop() (bsc#1242566).
- CVE-2025-37796: wifi: at76c50x: fix use after free access in at76_disconnect (bsc#1242727).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37852: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (bsc#1243074).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37989: net: phy: leds: fix memory leak (bsc#1243511).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
The following non-security bugs were fixed:
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (bsc#1242745).
- NFC: nxp-nci: remove unnecessary labels (bsc#1242394).
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).
- arm64: insn: Add N immediate encoding (bsc#1242778).
- arm64: insn: Add encoder for bitwise operations using literals (bsc#1242778).
- arm64: insn: Add support for encoding DSB (bsc#1242778).
- arm64: insn: Fix two bugs in encoding 32-bit logical immediates (bsc#1242778).
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (bsc#1242778).
- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).
- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).
- devm-helpers: Add resource managed version of work init (bsc#1242745)
- irqchip: gic-v3: Use of_cpu_node_to_id helper (bsc#1238818)
- kernel: Remove debug flavor (bsc#1243919).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- net/sched: initialize noop_qdisc owner (git-fixes).
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- netfilter: Adjusted the backported patch as it caused a regression (bsc#1218752).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (bsc#1242154)
- workqueue: Add resource managed version of delayed work init (bsc#1242745)
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
- x86/bugs: Fix BHI handling of RRSBA (git-fixes).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
- x86/smpboot: Remove unused phys_id variable (git-commit).
Patchnames
SUSE-2025-1983,SUSE-SLE-Live-Patching-12-SP5-2025-1983,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1983,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1983
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-47670: can: peak_usb: fix use after free bugs (bsc#1241407).\n- CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032).\n- CVE-2022-49145: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (bsc#1238162).\n- CVE-2022-49168: btrfs: do not clean up repair bio if submit fails (bsc#1238109).\n- CVE-2022-49190: kernel/resource: fix kfree() of bootmem memory again (bsc#1238130).\n- CVE-2022-49212: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (bsc#1238331).\n- CVE-2022-49216: drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (bsc#1238338).\n- CVE-2022-49235: ath9k_htc: fix uninit value bugs (bsc#1238333).\n- CVE-2022-49248: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (bsc#1238284).\n- CVE-2022-49253: media: usb: go7007: s2250-board: fix leak in probe() (bsc#1238420).\n- CVE-2022-49320: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (bsc#1238394).\n- CVE-2022-49326: rtl818x: Prevent using not initialized queues (bsc#1238646).\n- CVE-2022-49371: driver core: fix deadlock in __device_attach (bsc#1238546).\n- CVE-2022-49382: soc: rockchip: Fix refcount leak in rockchip_grf_init (bsc#1238306).\n- CVE-2022-49396: phy: qcom-qmp: fix reset-controller leak on probe errors (bsc#1238289).\n- CVE-2022-49420: net: annotate races around sk-\u003esk_bound_dev_if (bsc#1238887).\n- CVE-2022-49441: tty: fix deadlock caused by calling printk() under tty_port-\u003elock (bsc#1238263).\n- CVE-2022-49445: pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() (bsc#1238019).\n- CVE-2022-49460: PM / devfreq: rk3399_dmc: Disable edev on remove() (bsc#1238892).\n- CVE-2022-49467: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (bsc#1238815).\n- CVE-2022-49474: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (bsc#1238071).\n- CVE-2022-49491: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (bsc#1238539).\n- CVE-2022-49503: ath9k_htc: fix potential out of bounds access with invalid rxstatus-\u003ers_keyix (bsc#1238868).\n- CVE-2022-49592: net: stmmac: fix dma queue left shift overflow issue (bsc#1238311).\n- CVE-2022-49625: sfc: fix kernel panic when creating VF (bsc#1238411).\n- CVE-2022-49635: drm/i915/selftests: fix subtraction overflow bug (bsc#1238806).\n- CVE-2022-49652: dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (bsc#1238871).\n- CVE-2022-49715: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (bsc#1238818).\n- CVE-2022-49728: kABI workaround for changeing the variable length type to size_t (bsc#1239111).\n- CVE-2022-49729: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (bsc#1239060).\n- CVE-2022-49751: w1: fix WARNING after calling w1_process() (bsc#1240254).\n- CVE-2022-49761: btrfs: always report error in run_one_delayed_ref() (bsc#1240261).\n- CVE-2022-49772: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() (bsc#1242147).\n- CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple times (bsc#1242245).\n- CVE-2022-49776: macvlan: enforce a consistent minimal mtu (bsc#1242248).\n- CVE-2022-49787: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() (bsc#1242352).\n- CVE-2022-49788: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (bsc#1242353).\n- CVE-2022-49813: net: ena: Fix error handling in ena_init() (bsc#1242497).\n- CVE-2022-49821: mISDN: fix possible memory leak in mISDN_dsp_element_register() (bsc#1242542).\n- CVE-2022-49826: ata: libata-transport: fix double ata_host_put() in ata_tport_add() (bsc#1242549).\n- CVE-2022-49829: drm/scheduler: fix fence ref counting (bsc#1242691).\n- CVE-2022-49832: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map (bsc#1242154).\n- CVE-2022-49835: ALSA: hda: fix potential memleak in \u0027add_widget_node\u0027 (bsc#1242385).\n- CVE-2022-49840: bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() (bsc#1242447).\n- CVE-2022-49842: ASoC: soc-utils: Remove __exit for snd_soc_util_exit() (bsc#1242484).\n- CVE-2022-49853: net: macvlan: fix memory leaks of macvlan_common_newlink (bsc#1242688).\n- CVE-2022-49861: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() (bsc#1242580).\n- CVE-2022-49862: tipc: fix the msg-\u003ereq tlv len check in tipc_nl_compat_name_table_dump_header (bsc#1242755).\n- CVE-2022-49865: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network (bsc#1242570).\n- CVE-2022-49871: net: tun: call napi_schedule_prep() to ensure we own a napi (bsc#1242558).\n- CVE-2022-49872: net: gso: fix panic on frag_list with mixed head alloc types (bsc#1242594).\n- CVE-2022-49874: HID: hyperv: fix possible memory leak in mousevsc_probe() (bsc#1242478).\n- CVE-2022-49898: btrfs: fix tree mod log mishandling of reallocated nodes (bsc#1242472).\n- CVE-2022-49907: net: mdio: fix undefined behavior in bit shift for __mdiobus_register (bsc#1242450).\n- CVE-2022-49913: btrfs: fix inode list leak during backref walking at find_parent_nodes() (bsc#1242470).\n- CVE-2022-49914: btrfs: fix inode list leak during backref walking at resolve_indirect_refs() (bsc#1242427).\n- CVE-2022-49922: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() (bsc#1242378).\n- CVE-2022-49923: nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() (bsc#1242394).\n- CVE-2022-49924: nfc: fdp: Fix potential memory leak in fdp_nci_send() (bsc#1242426).\n- CVE-2022-49925: RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (bsc#1242371).\n- CVE-2022-49931: IB/hfi1: Correctly move list in sc_disable() (bsc#1242382).\n- CVE-2023-52868: thermal: core: prevent potential string overflow (bsc#1225044).\n- CVE-2023-52975: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (bsc#1240322).\n- CVE-2023-52988: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() (bsc#1240293).\n- CVE-2023-52989: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region (bsc#1240266).\n- CVE-2023-52993: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (bsc#1240297).\n- CVE-2023-53039: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function (bsc#1242745).\n- CVE-2023-53045: usb: gadget: u_audio: do not let userspace block driver unbind (bsc#1242756).\n- CVE-2023-53066: qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (bsc#1242227).\n- CVE-2023-53079: net/mlx5: Fix steering rules cleanup (bsc#1242765).\n- CVE-2023-53080: xsk: Add missing overflow check in xdp_umem_reg (bsc#1242287).\n- CVE-2023-53094: tty: serial: fsl_lpuart: fix race on RX DMA shutdown (bsc#1242288).\n- CVE-2023-53103: bonding: Fix memory leak when changing bond type to Ethernet (bsc#1242408).\n- CVE-2023-53114: i40e: Fix kernel crash during reboot when adapter is in recovery mode (bsc#1242398).\n- CVE-2023-53139: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties (bsc#1242361).\n- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).\n- CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720).\n- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).\n- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).\n- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).\n- CVE-2024-50106: nfsd: fix race between laundromat and free_stateid() (bsc#1232882).\n- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1234887).\n- CVE-2024-56779: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (bsc#1235632).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21704: usb: cdc-acm: Check control transfer buffer size before access (bsc#1237571).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22027: media: streamzap: fix race between device disconnection and urb callback (bsc#1241369).\n- CVE-2025-22050: usbnet:fix NPE during rx_complete (bsc#1241441).\n- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).\n- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).\n- CVE-2025-23136: thermal: int340x: Add NULL check for adev (bsc#1241357).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23161: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (bsc#1242792).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37782: hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (bsc#1242770).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37794: wifi: mac80211: Purge vif txq in ieee80211_do_stop() (bsc#1242566).\n- CVE-2025-37796: wifi: at76c50x: fix use after free access in at76_disconnect (bsc#1242727).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37852: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (bsc#1243074).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37989: net: phy: leds: fix memory leak (bsc#1243511).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n\nThe following non-security bugs were fixed:\n\n- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev-\u003edevc (bsc#1242745).\n- NFC: nxp-nci: remove unnecessary labels (bsc#1242394).\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).\n- arm64: insn: Add N immediate encoding (bsc#1242778).\n- arm64: insn: Add encoder for bitwise operations using literals (bsc#1242778).\n- arm64: insn: Add support for encoding DSB (bsc#1242778).\n- arm64: insn: Fix two bugs in encoding 32-bit logical immediates (bsc#1242778).\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (bsc#1242778).\n- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).\n- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).\n- devm-helpers: Add resource managed version of work init (bsc#1242745)\n- irqchip: gic-v3: Use of_cpu_node_to_id helper (bsc#1238818)\n- kernel: Remove debug flavor (bsc#1243919). \n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- net/sched: initialize noop_qdisc owner (git-fixes).\n- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)\n- netfilter: Adjusted the backported patch as it caused a regression (bsc#1218752).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (bsc#1242154)\n- workqueue: Add resource managed version of delayed work init (bsc#1242745)\n- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).\n- x86/bugs: Fix BHI handling of RRSBA (git-fixes).\n- x86/bugs: Fix BHI retpoline check (git-fixes).\n- x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).\n- x86/smpboot: Remove unused phys_id variable (git-commit).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1983,SUSE-SLE-Live-Patching-12-SP5-2025-1983,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1983,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1983",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01983-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01983-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501983-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01983-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040323.html"
},
{
"category": "self",
"summary": "SUSE Bug 1184350",
"url": "https://bugzilla.suse.com/1184350"
},
{
"category": "self",
"summary": "SUSE Bug 1190317",
"url": "https://bugzilla.suse.com/1190317"
},
{
"category": "self",
"summary": "SUSE Bug 1190601",
"url": "https://bugzilla.suse.com/1190601"
},
{
"category": "self",
"summary": "SUSE Bug 1194227",
"url": "https://bugzilla.suse.com/1194227"
},
{
"category": "self",
"summary": "SUSE Bug 1206073",
"url": "https://bugzilla.suse.com/1206073"
},
{
"category": "self",
"summary": "SUSE Bug 1206649",
"url": "https://bugzilla.suse.com/1206649"
},
{
"category": "self",
"summary": "SUSE Bug 1206677",
"url": "https://bugzilla.suse.com/1206677"
},
{
"category": "self",
"summary": "SUSE Bug 1206887",
"url": "https://bugzilla.suse.com/1206887"
},
{
"category": "self",
"summary": "SUSE Bug 1209292",
"url": "https://bugzilla.suse.com/1209292"
},
{
"category": "self",
"summary": "SUSE Bug 1209556",
"url": "https://bugzilla.suse.com/1209556"
},
{
"category": "self",
"summary": "SUSE Bug 1209684",
"url": "https://bugzilla.suse.com/1209684"
},
{
"category": "self",
"summary": "SUSE Bug 1210336",
"url": "https://bugzilla.suse.com/1210336"
},
{
"category": "self",
"summary": "SUSE Bug 1210337",
"url": "https://bugzilla.suse.com/1210337"
},
{
"category": "self",
"summary": "SUSE Bug 1211466",
"url": "https://bugzilla.suse.com/1211466"
},
{
"category": "self",
"summary": "SUSE Bug 1213012",
"url": "https://bugzilla.suse.com/1213012"
},
{
"category": "self",
"summary": "SUSE Bug 1213013",
"url": "https://bugzilla.suse.com/1213013"
},
{
"category": "self",
"summary": "SUSE Bug 1218752",
"url": "https://bugzilla.suse.com/1218752"
},
{
"category": "self",
"summary": "SUSE Bug 1222004",
"url": "https://bugzilla.suse.com/1222004"
},
{
"category": "self",
"summary": "SUSE Bug 1222563",
"url": "https://bugzilla.suse.com/1222563"
},
{
"category": "self",
"summary": "SUSE Bug 1222629",
"url": "https://bugzilla.suse.com/1222629"
},
{
"category": "self",
"summary": "SUSE Bug 1223720",
"url": "https://bugzilla.suse.com/1223720"
},
{
"category": "self",
"summary": "SUSE Bug 1225044",
"url": "https://bugzilla.suse.com/1225044"
},
{
"category": "self",
"summary": "SUSE Bug 1229516",
"url": "https://bugzilla.suse.com/1229516"
},
{
"category": "self",
"summary": "SUSE Bug 1230434",
"url": "https://bugzilla.suse.com/1230434"
},
{
"category": "self",
"summary": "SUSE Bug 1230786",
"url": "https://bugzilla.suse.com/1230786"
},
{
"category": "self",
"summary": "SUSE Bug 1230794",
"url": "https://bugzilla.suse.com/1230794"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1234887",
"url": "https://bugzilla.suse.com/1234887"
},
{
"category": "self",
"summary": "SUSE Bug 1235485",
"url": "https://bugzilla.suse.com/1235485"
},
{
"category": "self",
"summary": "SUSE Bug 1235632",
"url": "https://bugzilla.suse.com/1235632"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1238019",
"url": "https://bugzilla.suse.com/1238019"
},
{
"category": "self",
"summary": "SUSE Bug 1238032",
"url": "https://bugzilla.suse.com/1238032"
},
{
"category": "self",
"summary": "SUSE Bug 1238071",
"url": "https://bugzilla.suse.com/1238071"
},
{
"category": "self",
"summary": "SUSE Bug 1238109",
"url": "https://bugzilla.suse.com/1238109"
},
{
"category": "self",
"summary": "SUSE Bug 1238130",
"url": "https://bugzilla.suse.com/1238130"
},
{
"category": "self",
"summary": "SUSE Bug 1238162",
"url": "https://bugzilla.suse.com/1238162"
},
{
"category": "self",
"summary": "SUSE Bug 1238263",
"url": "https://bugzilla.suse.com/1238263"
},
{
"category": "self",
"summary": "SUSE Bug 1238284",
"url": "https://bugzilla.suse.com/1238284"
},
{
"category": "self",
"summary": "SUSE Bug 1238289",
"url": "https://bugzilla.suse.com/1238289"
},
{
"category": "self",
"summary": "SUSE Bug 1238306",
"url": "https://bugzilla.suse.com/1238306"
},
{
"category": "self",
"summary": "SUSE Bug 1238311",
"url": "https://bugzilla.suse.com/1238311"
},
{
"category": "self",
"summary": "SUSE Bug 1238331",
"url": "https://bugzilla.suse.com/1238331"
},
{
"category": "self",
"summary": "SUSE Bug 1238333",
"url": "https://bugzilla.suse.com/1238333"
},
{
"category": "self",
"summary": "SUSE Bug 1238338",
"url": "https://bugzilla.suse.com/1238338"
},
{
"category": "self",
"summary": "SUSE Bug 1238394",
"url": "https://bugzilla.suse.com/1238394"
},
{
"category": "self",
"summary": "SUSE Bug 1238411",
"url": "https://bugzilla.suse.com/1238411"
},
{
"category": "self",
"summary": "SUSE Bug 1238420",
"url": "https://bugzilla.suse.com/1238420"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238539",
"url": "https://bugzilla.suse.com/1238539"
},
{
"category": "self",
"summary": "SUSE Bug 1238546",
"url": "https://bugzilla.suse.com/1238546"
},
{
"category": "self",
"summary": "SUSE Bug 1238646",
"url": "https://bugzilla.suse.com/1238646"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238806",
"url": "https://bugzilla.suse.com/1238806"
},
{
"category": "self",
"summary": "SUSE Bug 1238815",
"url": "https://bugzilla.suse.com/1238815"
},
{
"category": "self",
"summary": "SUSE Bug 1238818",
"url": "https://bugzilla.suse.com/1238818"
},
{
"category": "self",
"summary": "SUSE Bug 1238868",
"url": "https://bugzilla.suse.com/1238868"
},
{
"category": "self",
"summary": "SUSE Bug 1238871",
"url": "https://bugzilla.suse.com/1238871"
},
{
"category": "self",
"summary": "SUSE Bug 1238887",
"url": "https://bugzilla.suse.com/1238887"
},
{
"category": "self",
"summary": "SUSE Bug 1238892",
"url": "https://bugzilla.suse.com/1238892"
},
{
"category": "self",
"summary": "SUSE Bug 1239060",
"url": "https://bugzilla.suse.com/1239060"
},
{
"category": "self",
"summary": "SUSE Bug 1239111",
"url": "https://bugzilla.suse.com/1239111"
},
{
"category": "self",
"summary": "SUSE Bug 1240254",
"url": "https://bugzilla.suse.com/1240254"
},
{
"category": "self",
"summary": "SUSE Bug 1240261",
"url": "https://bugzilla.suse.com/1240261"
},
{
"category": "self",
"summary": "SUSE Bug 1240266",
"url": "https://bugzilla.suse.com/1240266"
},
{
"category": "self",
"summary": "SUSE Bug 1240293",
"url": "https://bugzilla.suse.com/1240293"
},
{
"category": "self",
"summary": "SUSE Bug 1240297",
"url": "https://bugzilla.suse.com/1240297"
},
{
"category": "self",
"summary": "SUSE Bug 1240322",
"url": "https://bugzilla.suse.com/1240322"
},
{
"category": "self",
"summary": "SUSE Bug 1240784",
"url": "https://bugzilla.suse.com/1240784"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241332",
"url": "https://bugzilla.suse.com/1241332"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241357",
"url": "https://bugzilla.suse.com/1241357"
},
{
"category": "self",
"summary": "SUSE Bug 1241361",
"url": "https://bugzilla.suse.com/1241361"
},
{
"category": "self",
"summary": "SUSE Bug 1241369",
"url": "https://bugzilla.suse.com/1241369"
},
{
"category": "self",
"summary": "SUSE Bug 1241407",
"url": "https://bugzilla.suse.com/1241407"
},
{
"category": "self",
"summary": "SUSE Bug 1241441",
"url": "https://bugzilla.suse.com/1241441"
},
{
"category": "self",
"summary": "SUSE Bug 1241526",
"url": "https://bugzilla.suse.com/1241526"
},
{
"category": "self",
"summary": "SUSE Bug 1241550",
"url": "https://bugzilla.suse.com/1241550"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242147",
"url": "https://bugzilla.suse.com/1242147"
},
{
"category": "self",
"summary": "SUSE Bug 1242154",
"url": "https://bugzilla.suse.com/1242154"
},
{
"category": "self",
"summary": "SUSE Bug 1242165",
"url": "https://bugzilla.suse.com/1242165"
},
{
"category": "self",
"summary": "SUSE Bug 1242215",
"url": "https://bugzilla.suse.com/1242215"
},
{
"category": "self",
"summary": "SUSE Bug 1242218",
"url": "https://bugzilla.suse.com/1242218"
},
{
"category": "self",
"summary": "SUSE Bug 1242219",
"url": "https://bugzilla.suse.com/1242219"
},
{
"category": "self",
"summary": "SUSE Bug 1242225",
"url": "https://bugzilla.suse.com/1242225"
},
{
"category": "self",
"summary": "SUSE Bug 1242227",
"url": "https://bugzilla.suse.com/1242227"
},
{
"category": "self",
"summary": "SUSE Bug 1242228",
"url": "https://bugzilla.suse.com/1242228"
},
{
"category": "self",
"summary": "SUSE Bug 1242231",
"url": "https://bugzilla.suse.com/1242231"
},
{
"category": "self",
"summary": "SUSE Bug 1242239",
"url": "https://bugzilla.suse.com/1242239"
},
{
"category": "self",
"summary": "SUSE Bug 1242241",
"url": "https://bugzilla.suse.com/1242241"
},
{
"category": "self",
"summary": "SUSE Bug 1242245",
"url": "https://bugzilla.suse.com/1242245"
},
{
"category": "self",
"summary": "SUSE Bug 1242248",
"url": "https://bugzilla.suse.com/1242248"
},
{
"category": "self",
"summary": "SUSE Bug 1242284",
"url": "https://bugzilla.suse.com/1242284"
},
{
"category": "self",
"summary": "SUSE Bug 1242285",
"url": "https://bugzilla.suse.com/1242285"
},
{
"category": "self",
"summary": "SUSE Bug 1242287",
"url": "https://bugzilla.suse.com/1242287"
},
{
"category": "self",
"summary": "SUSE Bug 1242288",
"url": "https://bugzilla.suse.com/1242288"
},
{
"category": "self",
"summary": "SUSE Bug 1242352",
"url": "https://bugzilla.suse.com/1242352"
},
{
"category": "self",
"summary": "SUSE Bug 1242353",
"url": "https://bugzilla.suse.com/1242353"
},
{
"category": "self",
"summary": "SUSE Bug 1242361",
"url": "https://bugzilla.suse.com/1242361"
},
{
"category": "self",
"summary": "SUSE Bug 1242362",
"url": "https://bugzilla.suse.com/1242362"
},
{
"category": "self",
"summary": "SUSE Bug 1242366",
"url": "https://bugzilla.suse.com/1242366"
},
{
"category": "self",
"summary": "SUSE Bug 1242370",
"url": "https://bugzilla.suse.com/1242370"
},
{
"category": "self",
"summary": "SUSE Bug 1242371",
"url": "https://bugzilla.suse.com/1242371"
},
{
"category": "self",
"summary": "SUSE Bug 1242372",
"url": "https://bugzilla.suse.com/1242372"
},
{
"category": "self",
"summary": "SUSE Bug 1242377",
"url": "https://bugzilla.suse.com/1242377"
},
{
"category": "self",
"summary": "SUSE Bug 1242378",
"url": "https://bugzilla.suse.com/1242378"
},
{
"category": "self",
"summary": "SUSE Bug 1242382",
"url": "https://bugzilla.suse.com/1242382"
},
{
"category": "self",
"summary": "SUSE Bug 1242385",
"url": "https://bugzilla.suse.com/1242385"
},
{
"category": "self",
"summary": "SUSE Bug 1242394",
"url": "https://bugzilla.suse.com/1242394"
},
{
"category": "self",
"summary": "SUSE Bug 1242398",
"url": "https://bugzilla.suse.com/1242398"
},
{
"category": "self",
"summary": "SUSE Bug 1242405",
"url": "https://bugzilla.suse.com/1242405"
},
{
"category": "self",
"summary": "SUSE Bug 1242408",
"url": "https://bugzilla.suse.com/1242408"
},
{
"category": "self",
"summary": "SUSE Bug 1242409",
"url": "https://bugzilla.suse.com/1242409"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242416",
"url": "https://bugzilla.suse.com/1242416"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242422",
"url": "https://bugzilla.suse.com/1242422"
},
{
"category": "self",
"summary": "SUSE Bug 1242426",
"url": "https://bugzilla.suse.com/1242426"
},
{
"category": "self",
"summary": "SUSE Bug 1242427",
"url": "https://bugzilla.suse.com/1242427"
},
{
"category": "self",
"summary": "SUSE Bug 1242440",
"url": "https://bugzilla.suse.com/1242440"
},
{
"category": "self",
"summary": "SUSE Bug 1242447",
"url": "https://bugzilla.suse.com/1242447"
},
{
"category": "self",
"summary": "SUSE Bug 1242449",
"url": "https://bugzilla.suse.com/1242449"
},
{
"category": "self",
"summary": "SUSE Bug 1242450",
"url": "https://bugzilla.suse.com/1242450"
},
{
"category": "self",
"summary": "SUSE Bug 1242452",
"url": "https://bugzilla.suse.com/1242452"
},
{
"category": "self",
"summary": "SUSE Bug 1242453",
"url": "https://bugzilla.suse.com/1242453"
},
{
"category": "self",
"summary": "SUSE Bug 1242455",
"url": "https://bugzilla.suse.com/1242455"
},
{
"category": "self",
"summary": "SUSE Bug 1242464",
"url": "https://bugzilla.suse.com/1242464"
},
{
"category": "self",
"summary": "SUSE Bug 1242470",
"url": "https://bugzilla.suse.com/1242470"
},
{
"category": "self",
"summary": "SUSE Bug 1242472",
"url": "https://bugzilla.suse.com/1242472"
},
{
"category": "self",
"summary": "SUSE Bug 1242478",
"url": "https://bugzilla.suse.com/1242478"
},
{
"category": "self",
"summary": "SUSE Bug 1242483",
"url": "https://bugzilla.suse.com/1242483"
},
{
"category": "self",
"summary": "SUSE Bug 1242484",
"url": "https://bugzilla.suse.com/1242484"
},
{
"category": "self",
"summary": "SUSE Bug 1242497",
"url": "https://bugzilla.suse.com/1242497"
},
{
"category": "self",
"summary": "SUSE Bug 1242504",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242527",
"url": "https://bugzilla.suse.com/1242527"
},
{
"category": "self",
"summary": "SUSE Bug 1242542",
"url": "https://bugzilla.suse.com/1242542"
},
{
"category": "self",
"summary": "SUSE Bug 1242544",
"url": "https://bugzilla.suse.com/1242544"
},
{
"category": "self",
"summary": "SUSE Bug 1242549",
"url": "https://bugzilla.suse.com/1242549"
},
{
"category": "self",
"summary": "SUSE Bug 1242558",
"url": "https://bugzilla.suse.com/1242558"
},
{
"category": "self",
"summary": "SUSE Bug 1242566",
"url": "https://bugzilla.suse.com/1242566"
},
{
"category": "self",
"summary": "SUSE Bug 1242570",
"url": "https://bugzilla.suse.com/1242570"
},
{
"category": "self",
"summary": "SUSE Bug 1242580",
"url": "https://bugzilla.suse.com/1242580"
},
{
"category": "self",
"summary": "SUSE Bug 1242594",
"url": "https://bugzilla.suse.com/1242594"
},
{
"category": "self",
"summary": "SUSE Bug 1242686",
"url": "https://bugzilla.suse.com/1242686"
},
{
"category": "self",
"summary": "SUSE Bug 1242688",
"url": "https://bugzilla.suse.com/1242688"
},
{
"category": "self",
"summary": "SUSE Bug 1242691",
"url": "https://bugzilla.suse.com/1242691"
},
{
"category": "self",
"summary": "SUSE Bug 1242716",
"url": "https://bugzilla.suse.com/1242716"
},
{
"category": "self",
"summary": "SUSE Bug 1242727",
"url": "https://bugzilla.suse.com/1242727"
},
{
"category": "self",
"summary": "SUSE Bug 1242734",
"url": "https://bugzilla.suse.com/1242734"
},
{
"category": "self",
"summary": "SUSE Bug 1242745",
"url": "https://bugzilla.suse.com/1242745"
},
{
"category": "self",
"summary": "SUSE Bug 1242747",
"url": "https://bugzilla.suse.com/1242747"
},
{
"category": "self",
"summary": "SUSE Bug 1242755",
"url": "https://bugzilla.suse.com/1242755"
},
{
"category": "self",
"summary": "SUSE Bug 1242756",
"url": "https://bugzilla.suse.com/1242756"
},
{
"category": "self",
"summary": "SUSE Bug 1242759",
"url": "https://bugzilla.suse.com/1242759"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242765",
"url": "https://bugzilla.suse.com/1242765"
},
{
"category": "self",
"summary": "SUSE Bug 1242770",
"url": "https://bugzilla.suse.com/1242770"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242790",
"url": "https://bugzilla.suse.com/1242790"
},
{
"category": "self",
"summary": "SUSE Bug 1242791",
"url": "https://bugzilla.suse.com/1242791"
},
{
"category": "self",
"summary": "SUSE Bug 1242792",
"url": "https://bugzilla.suse.com/1242792"
},
{
"category": "self",
"summary": "SUSE Bug 1242835",
"url": "https://bugzilla.suse.com/1242835"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242949",
"url": "https://bugzilla.suse.com/1242949"
},
{
"category": "self",
"summary": "SUSE Bug 1243047",
"url": "https://bugzilla.suse.com/1243047"
},
{
"category": "self",
"summary": "SUSE Bug 1243074",
"url": "https://bugzilla.suse.com/1243074"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243511",
"url": "https://bugzilla.suse.com/1243511"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243543",
"url": "https://bugzilla.suse.com/1243543"
},
{
"category": "self",
"summary": "SUSE Bug 1243627",
"url": "https://bugzilla.suse.com/1243627"
},
{
"category": "self",
"summary": "SUSE Bug 1243649",
"url": "https://bugzilla.suse.com/1243649"
},
{
"category": "self",
"summary": "SUSE Bug 1243660",
"url": "https://bugzilla.suse.com/1243660"
},
{
"category": "self",
"summary": "SUSE Bug 1243919",
"url": "https://bugzilla.suse.com/1243919"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36791 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20320 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4159 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47170 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47670 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3564 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48875 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49139 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49145 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49168 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49190 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49190/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49212 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49216 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49235 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49248 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49253 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49320 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49326 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49326/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49371 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49382 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49382/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49396 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49420 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49441 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49441/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49445 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49445/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49460 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49467 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49467/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49474 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49491 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49503 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49592 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49625 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49635 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49652 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49715 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49728 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49729 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49751 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49761 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49769 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49771 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49772 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49775 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49776 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49787 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49788 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49789 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49813 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49818 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49821 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49822 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49826 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49829 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49832 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49835 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49840 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49842 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49846 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49853 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49861 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49862 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49865 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49871 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49872 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49874 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49877 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49880 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49889 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49892 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49898 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49906 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49907 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49909 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49910 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49913 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49914 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49915 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49922 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49923 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49925 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49927 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49931 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1074 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1989 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1990 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52868 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52975 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52988 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52989 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52993 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53039 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53041 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53044 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53051 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53056 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53060 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53062 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53066 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53068 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53075 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53078 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53079 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53080 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53094 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53100 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53101 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53103 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53106 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53108 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53109 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53114 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53119 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53121 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53124 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53125 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53131 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53139 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53141 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53145 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26740 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26804 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27010 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46752 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53168 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56779 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23161 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23161/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37932 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37989 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-17T15:32:57Z",
"generator": {
"date": "2025-06-17T15:32:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01983-1",
"initial_release_date": "2025-06-17T15:32:57Z",
"revision_history": [
{
"date": "2025-06-17T15:32:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.261.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.261.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.261.1.aarch64",
"product_id": "kernel-default-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.261.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.261.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-122.261.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.261.1.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-122.261.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.261.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.261.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-122.261.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.261.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.261.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.261.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.261.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.261.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-122.261.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.261.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.261.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.261.1.noarch",
"product_id": "kernel-devel-4.12.14-122.261.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-122.261.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-122.261.1.noarch",
"product_id": "kernel-docs-4.12.14-122.261.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-122.261.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-122.261.1.noarch",
"product_id": "kernel-docs-html-4.12.14-122.261.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.261.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.261.1.noarch",
"product_id": "kernel-macros-4.12.14-122.261.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.261.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.261.1.noarch",
"product_id": "kernel-source-4.12.14-122.261.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-122.261.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-122.261.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-122.261.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.261.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.261.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.261.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-122.261.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.261.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.261.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.261.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.261.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.261.1.s390x",
"product_id": "kernel-default-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.261.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.261.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-122.261.1.s390x",
"product_id": "kernel-default-extra-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.261.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.261.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-122.261.1.s390x",
"product_id": "kernel-obs-build-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-122.261.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.261.1.s390x",
"product_id": "kernel-syms-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-122.261.1.s390x",
"product_id": "kernel-vanilla-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.261.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.261.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-122.261.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-122.261.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-122.261.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.261.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.261.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-122.261.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.261.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.261.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.261.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.261.1.x86_64",
"product_id": "kernel-default-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.261.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.261.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-122.261.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-122.261.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-122.261.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-122.261.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-122.261.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.261.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.261.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-122.261.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.261.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.261.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.261.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.261.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.261.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-122.261.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.261.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.261.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.261.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.261.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.261.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.261.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.261.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.261.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.261.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.261.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.261.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.261.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.261.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.261.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.261.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.261.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.261.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.261.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.261.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.261.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.261.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.261.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.261.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: keep alloc_hash updated after hash allocation\n\nIn commit 599be01ee567 (\"net_sched: fix an OOB access in cls_tcindex\")\nI moved cp-\u003ehash calculation before the first\ntcindex_alloc_perfect_hash(), but cp-\u003ealloc_hash is left untouched.\nThis difference could lead to another out of bound access.\n\ncp-\u003ealloc_hash should always be the size allocated, we should\nupdate it after this tcindex_alloc_perfect_hash().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36791",
"url": "https://www.suse.com/security/cve/CVE-2020-36791"
},
{
"category": "external",
"summary": "SUSE Bug 1242835 for CVE-2020-36791",
"url": "https://bugzilla.suse.com/1242835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2020-36791"
},
{
"cve": "CVE-2021-20320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20320"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20320",
"url": "https://www.suse.com/security/cve/CVE-2021-20320"
},
{
"category": "external",
"summary": "SUSE Bug 1190601 for CVE-2021-20320",
"url": "https://bugzilla.suse.com/1190601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-20320"
},
{
"cve": "CVE-2021-4159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4159"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in the Linux kernel\u0027s EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4159",
"url": "https://www.suse.com/security/cve/CVE-2021-4159"
},
{
"category": "external",
"summary": "SUSE Bug 1194227 for CVE-2021-4159",
"url": "https://bugzilla.suse.com/1194227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-4159"
},
{
"cve": "CVE-2021-47170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47170"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usbfs: Don\u0027t WARN about excessively large memory allocations\n\nSyzbot found that the kernel generates a WARNing if the user tries to\nsubmit a bulk transfer through usbfs with a buffer that is way too\nlarge. This isn\u0027t a bug in the kernel; it\u0027s merely an invalid request\nfrom the user and the usbfs code does handle it correctly.\n\nIn theory the same thing can happen with async transfers, or with the\npacket descriptor table for isochronous transfers.\n\nTo prevent the MM subsystem from complaining about these bad\nallocation requests, add the __GFP_NOWARN flag to the kmalloc calls\nfor these buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47170",
"url": "https://www.suse.com/security/cve/CVE-2021-47170"
},
{
"category": "external",
"summary": "SUSE Bug 1222004 for CVE-2021-47170",
"url": "https://bugzilla.suse.com/1222004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47170"
},
{
"cve": "CVE-2021-47670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_usb: fix use after free bugs\n\nAfter calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe.\nEspecially, the can_frame cf which aliases skb memory is accessed\nafter the peak_usb_netif_rx_ni().\n\nReordering the lines solves the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47670",
"url": "https://www.suse.com/security/cve/CVE-2021-47670"
},
{
"category": "external",
"summary": "SUSE Bug 1241407 for CVE-2021-47670",
"url": "https://bugzilla.suse.com/1241407"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2021-47670"
},
{
"cve": "CVE-2022-3564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3564"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3564",
"url": "https://www.suse.com/security/cve/CVE-2022-3564"
},
{
"category": "external",
"summary": "SUSE Bug 1206073 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1206073"
},
{
"category": "external",
"summary": "SUSE Bug 1206314 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1206314"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208044 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1208044"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-3564",
"url": "https://bugzilla.suse.com/1208085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "important"
}
],
"title": "CVE-2022-3564"
},
{
"cve": "CVE-2022-48875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: sdata can be NULL during AMPDU start\n\nieee80211_tx_ba_session_handle_start() may get NULL for sdata when a\ndeauthentication is ongoing.\n\nHere a trace triggering the race with the hostapd test\nmulti_ap_fronthaul_on_ap:\n\n(gdb) list *drv_ampdu_action+0x46\n0x8b16 is in drv_ampdu_action (net/mac80211/driver-ops.c:396).\n391 int ret = -EOPNOTSUPP;\n392\n393 might_sleep();\n394\n395 sdata = get_bss_sdata(sdata);\n396 if (!check_sdata_in_driver(sdata))\n397 return -EIO;\n398\n399 trace_drv_ampdu_action(local, sdata, params);\n400\n\nwlan0: moving STA 02:00:00:00:03:00 to state 3\nwlan0: associated\nwlan0: deauthenticating from 02:00:00:00:03:00 by local choice (Reason: 3=DEAUTH_LEAVING)\nwlan3.sta1: Open BA session requested for 02:00:00:00:00:00 tid 0\nwlan3.sta1: dropped frame to 02:00:00:00:00:00 (unauthorized port)\nwlan0: moving STA 02:00:00:00:03:00 to state 2\nwlan0: moving STA 02:00:00:00:03:00 to state 1\nwlan0: Removed STA 02:00:00:00:03:00\nwlan0: Destroyed STA 02:00:00:00:03:00\nBUG: unable to handle page fault for address: fffffffffffffb48\nPGD 11814067 P4D 11814067 PUD 11816067 PMD 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 2 PID: 133397 Comm: kworker/u16:1 Tainted: G W 6.1.0-rc8-wt+ #59\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-20220807_005459-localhost 04/01/2014\nWorkqueue: phy3 ieee80211_ba_session_work [mac80211]\nRIP: 0010:drv_ampdu_action+0x46/0x280 [mac80211]\nCode: 53 48 89 f3 be 89 01 00 00 e8 d6 43 bf ef e8 21 46 81 f0 83 bb a0 1b 00 00 04 75 0e 48 8b 9b 28 0d 00 00 48 81 eb 10 0e 00 00 \u003c8b\u003e 93 58 09 00 00 f6 c2 20 0f 84 3b 01 00 00 8b 05 dd 1c 0f 00 85\nRSP: 0018:ffffc900025ebd20 EFLAGS: 00010287\nRAX: 0000000000000000 RBX: fffffffffffff1f0 RCX: ffff888102228240\nRDX: 0000000080000000 RSI: ffffffff918c5de0 RDI: ffff888102228b40\nRBP: ffffc900025ebd40 R08: 0000000000000001 R09: 0000000000000001\nR10: 0000000000000001 R11: 0000000000000000 R12: ffff888118c18ec0\nR13: 0000000000000000 R14: ffffc900025ebd60 R15: ffff888018b7efb8\nFS: 0000000000000000(0000) GS:ffff88817a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffffffffffb48 CR3: 0000000105228006 CR4: 0000000000170ee0\nCall Trace:\n \u003cTASK\u003e\n ieee80211_tx_ba_session_handle_start+0xd0/0x190 [mac80211]\n ieee80211_ba_session_work+0xff/0x2e0 [mac80211]\n process_one_work+0x29f/0x620\n worker_thread+0x4d/0x3d0\n ? process_one_work+0x620/0x620\n kthread+0xfb/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48875",
"url": "https://www.suse.com/security/cve/CVE-2022-48875"
},
{
"category": "external",
"summary": "SUSE Bug 1229516 for CVE-2022-48875",
"url": "https://bugzilla.suse.com/1229516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-48875"
},
{
"cve": "CVE-2022-49139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: fix null ptr deref on hci_sync_conn_complete_evt\n\nThis event is just specified for SCO and eSCO link types.\nOn the reception of a HCI_Synchronous_Connection_Complete for a BDADDR\nof an existing LE connection, LE link type and a status that triggers the\nsecond case of the packet processing a NULL pointer dereference happens,\nas conn-\u003elink is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49139",
"url": "https://www.suse.com/security/cve/CVE-2022-49139"
},
{
"category": "external",
"summary": "SUSE Bug 1238032 for CVE-2022-49139",
"url": "https://bugzilla.suse.com/1238032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49139"
},
{
"cve": "CVE-2022-49145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Avoid out of bounds access when parsing _CPC data\n\nIf the NumEntries field in the _CPC return package is less than 2, do\nnot attempt to access the \"Revision\" element of that package, because\nit may not be present then.\n\nBugLink: https://lore.kernel.org/lkml/20220322143534.GC32582@xsang-OptiPlex-9020/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49145",
"url": "https://www.suse.com/security/cve/CVE-2022-49145"
},
{
"category": "external",
"summary": "SUSE Bug 1238162 for CVE-2022-49145",
"url": "https://bugzilla.suse.com/1238162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49145"
},
{
"cve": "CVE-2022-49168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49168"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not clean up repair bio if submit fails\n\nThe submit helper will always run bio_endio() on the bio if it fails to\nsubmit, so cleaning up the bio just leads to a variety of use-after-free\nand NULL pointer dereference bugs because we race with the endio\nfunction that is cleaning up the bio. Instead just return BLK_STS_OK as\nthe repair function has to continue to process the rest of the pages,\nand the endio for the repair bio will do the appropriate cleanup for the\npage that it was given.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49168",
"url": "https://www.suse.com/security/cve/CVE-2022-49168"
},
{
"category": "external",
"summary": "SUSE Bug 1238109 for CVE-2022-49168",
"url": "https://bugzilla.suse.com/1238109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49168"
},
{
"cve": "CVE-2022-49190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49190"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernel/resource: fix kfree() of bootmem memory again\n\nSince commit ebff7d8f270d (\"mem hotunplug: fix kfree() of bootmem\nmemory\"), we could get a resource allocated during boot via\nalloc_resource(). And it\u0027s required to release the resource using\nfree_resource(). Howerver, many people use kfree directly which will\nresult in kernel BUG. In order to fix this without fixing every call\nsite, just leak a couple of bytes in such corner case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49190",
"url": "https://www.suse.com/security/cve/CVE-2022-49190"
},
{
"category": "external",
"summary": "SUSE Bug 1238130 for CVE-2022-49190",
"url": "https://bugzilla.suse.com/1238130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49190"
},
{
"cve": "CVE-2022-49212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init\n\nThe reference counting issue happens in several error handling paths\non a refcounted object \"nc-\u003edmac\". In these paths, the function simply\nreturns the error code, forgetting to balance the reference count of\n\"nc-\u003edmac\", increased earlier by dma_request_channel(), which may\ncause refcount leaks.\n\nFix it by decrementing the refcount of specific object in those error\npaths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49212",
"url": "https://www.suse.com/security/cve/CVE-2022-49212"
},
{
"category": "external",
"summary": "SUSE Bug 1238331 for CVE-2022-49212",
"url": "https://bugzilla.suse.com/1238331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49212"
},
{
"cve": "CVE-2022-49216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: Fix reference leak in tegra_dsi_ganged_probe\n\nThe reference taken by \u0027of_find_device_by_node()\u0027 must be released when\nnot needed anymore. Add put_device() call to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49216",
"url": "https://www.suse.com/security/cve/CVE-2022-49216"
},
{
"category": "external",
"summary": "SUSE Bug 1238338 for CVE-2022-49216",
"url": "https://bugzilla.suse.com/1238338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49216"
},
{
"cve": "CVE-2022-49235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49235"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k_htc: fix uninit value bugs\n\nSyzbot reported 2 KMSAN bugs in ath9k. All of them are caused by missing\nfield initialization.\n\nIn htc_connect_service() svc_meta_len and pad are not initialized. Based\non code it looks like in current skb there is no service data, so simply\ninitialize svc_meta_len to 0.\n\nhtc_issue_send() does not initialize htc_frame_hdr::control array. Based\non firmware code, it will initialize it by itself, so simply zero whole\narray to make KMSAN happy\n\nFail logs:\n\nBUG: KMSAN: kernel-usb-infoleak in usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430\n usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430\n hif_usb_send_regout drivers/net/wireless/ath/ath9k/hif_usb.c:127 [inline]\n hif_usb_send+0x5f0/0x16f0 drivers/net/wireless/ath/ath9k/hif_usb.c:479\n htc_issue_send drivers/net/wireless/ath/ath9k/htc_hst.c:34 [inline]\n htc_connect_service+0x143e/0x1960 drivers/net/wireless/ath/ath9k/htc_hst.c:275\n...\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:524 [inline]\n slab_alloc_node mm/slub.c:3251 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1126 [inline]\n htc_connect_service+0x1029/0x1960 drivers/net/wireless/ath/ath9k/htc_hst.c:258\n...\n\nBytes 4-7 of 18 are uninitialized\nMemory access of size 18 starts at ffff888027377e00\n\nBUG: KMSAN: kernel-usb-infoleak in usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430\n usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430\n hif_usb_send_regout drivers/net/wireless/ath/ath9k/hif_usb.c:127 [inline]\n hif_usb_send+0x5f0/0x16f0 drivers/net/wireless/ath/ath9k/hif_usb.c:479\n htc_issue_send drivers/net/wireless/ath/ath9k/htc_hst.c:34 [inline]\n htc_connect_service+0x143e/0x1960 drivers/net/wireless/ath/ath9k/htc_hst.c:275\n...\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:524 [inline]\n slab_alloc_node mm/slub.c:3251 [inline]\n __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974\n kmalloc_reserve net/core/skbuff.c:354 [inline]\n __alloc_skb+0x545/0xf90 net/core/skbuff.c:426\n alloc_skb include/linux/skbuff.h:1126 [inline]\n htc_connect_service+0x1029/0x1960 drivers/net/wireless/ath/ath9k/htc_hst.c:258\n...\n\nBytes 16-17 of 18 are uninitialized\nMemory access of size 18 starts at ffff888027377e00",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49235",
"url": "https://www.suse.com/security/cve/CVE-2022-49235"
},
{
"category": "external",
"summary": "SUSE Bug 1238333 for CVE-2022-49235",
"url": "https://bugzilla.suse.com/1238333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49235"
},
{
"cve": "CVE-2022-49248",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49248"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction\n\nAV/C deferred transaction was supported at a commit 00a7bb81c20f (\"ALSA:\nfirewire-lib: Add support for deferred transaction\") while \u0027deferrable\u0027\nflag can be uninitialized for non-control/notify AV/C transactions.\nUBSAN reports it:\n\nkernel: ================================================================================\nkernel: UBSAN: invalid-load in /build/linux-aa0B4d/linux-5.15.0/sound/firewire/fcp.c:363:9\nkernel: load of value 158 is not a valid value for type \u0027_Bool\u0027\nkernel: CPU: 3 PID: 182227 Comm: irq/35-firewire Tainted: P OE 5.15.0-18-generic #18-Ubuntu\nkernel: Hardware name: Gigabyte Technology Co., Ltd. AX370-Gaming 5/AX370-Gaming 5, BIOS F42b 08/01/2019\nkernel: Call Trace:\nkernel: \u003cIRQ\u003e\nkernel: show_stack+0x52/0x58\nkernel: dump_stack_lvl+0x4a/0x5f\nkernel: dump_stack+0x10/0x12\nkernel: ubsan_epilogue+0x9/0x45\nkernel: __ubsan_handle_load_invalid_value.cold+0x44/0x49\nkernel: fcp_response.part.0.cold+0x1a/0x2b [snd_firewire_lib]\nkernel: fcp_response+0x28/0x30 [snd_firewire_lib]\nkernel: fw_core_handle_request+0x230/0x3d0 [firewire_core]\nkernel: handle_ar_packet+0x1d9/0x200 [firewire_ohci]\nkernel: ? handle_ar_packet+0x1d9/0x200 [firewire_ohci]\nkernel: ? transmit_complete_callback+0x9f/0x120 [firewire_core]\nkernel: ar_context_tasklet+0xa8/0x2e0 [firewire_ohci]\nkernel: tasklet_action_common.constprop.0+0xea/0xf0\nkernel: tasklet_action+0x22/0x30\nkernel: __do_softirq+0xd9/0x2e3\nkernel: ? irq_finalize_oneshot.part.0+0xf0/0xf0\nkernel: do_softirq+0x75/0xa0\nkernel: \u003c/IRQ\u003e\nkernel: \u003cTASK\u003e\nkernel: __local_bh_enable_ip+0x50/0x60\nkernel: irq_forced_thread_fn+0x7e/0x90\nkernel: irq_thread+0xba/0x190\nkernel: ? irq_thread_fn+0x60/0x60\nkernel: kthread+0x11e/0x140\nkernel: ? irq_thread_check_affinity+0xf0/0xf0\nkernel: ? set_kthread_struct+0x50/0x50\nkernel: ret_from_fork+0x22/0x30\nkernel: \u003c/TASK\u003e\nkernel: ================================================================================\n\nThis commit fixes the bug. The bug has no disadvantage for the non-\ncontrol/notify AV/C transactions since the flag has an effect for AV/C\nresponse with INTERIM (0x0f) status which is not used for the transactions\nin AV/C general specification.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49248",
"url": "https://www.suse.com/security/cve/CVE-2022-49248"
},
{
"category": "external",
"summary": "SUSE Bug 1238284 for CVE-2022-49248",
"url": "https://bugzilla.suse.com/1238284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49248"
},
{
"cve": "CVE-2022-49253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49253"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: usb: go7007: s2250-board: fix leak in probe()\n\nCall i2c_unregister_device(audio) on this error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49253",
"url": "https://www.suse.com/security/cve/CVE-2022-49253"
},
{
"category": "external",
"summary": "SUSE Bug 1238420 for CVE-2022-49253",
"url": "https://bugzilla.suse.com/1238420"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49253"
},
{
"cve": "CVE-2022-49320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type\n\nIn zynqmp_dma_alloc/free_chan_resources functions there is a\npotential overflow in the below expressions.\n\ndma_alloc_coherent(chan-\u003edev, (2 * chan-\u003edesc_size *\n\t\t ZYNQMP_DMA_NUM_DESCS),\n\t\t \u0026chan-\u003edesc_pool_p, GFP_KERNEL);\n\ndma_free_coherent(chan-\u003edev,(2 * ZYNQMP_DMA_DESC_SIZE(chan) *\n ZYNQMP_DMA_NUM_DESCS),\n chan-\u003edesc_pool_v, chan-\u003edesc_pool_p);\n\nThe arguments desc_size and ZYNQMP_DMA_NUM_DESCS were 32 bit. Though\nthis overflow condition is not observed but it is a potential problem\nin the case of 32-bit multiplication. Hence fix it by changing the\ndesc_size data type to size_t.\n\nIn addition to coverity fix it also reuse ZYNQMP_DMA_DESC_SIZE macro in\ndma_alloc_coherent API argument.\n\nAddresses-Coverity: Event overflow_before_widen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49320",
"url": "https://www.suse.com/security/cve/CVE-2022-49320"
},
{
"category": "external",
"summary": "SUSE Bug 1238394 for CVE-2022-49320",
"url": "https://bugzilla.suse.com/1238394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49320"
},
{
"cve": "CVE-2022-49326",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49326"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtl818x: Prevent using not initialized queues\n\nUsing not existing queues can panic the kernel with rtl8180/rtl8185 cards.\nIgnore the skb priority for those cards, they only have one tx queue. Pierre\nAsselin (pa@panix.com) reported the kernel crash in the Gentoo forum:\n\nhttps://forums.gentoo.org/viewtopic-t-1147832-postdays-0-postorder-asc-start-25.html\n\nHe also confirmed that this patch fixes the issue. In summary this happened:\n\nAfter updating wpa_supplicant from 2.9 to 2.10 the kernel crashed with a\n\"divide error: 0000\" when connecting to an AP. Control port tx now tries to\nuse IEEE80211_AC_VO for the priority, which wpa_supplicants starts to use in\n2.10.\n\nSince only the rtl8187se part of the driver supports QoS, the priority\nof the skb is set to IEEE80211_AC_BE (2) by mac80211 for rtl8180/rtl8185\ncards.\n\nrtl8180 is then unconditionally reading out the priority and finally crashes on\ndrivers/net/wireless/realtek/rtl818x/rtl8180/dev.c line 544 without this\npatch:\n\tidx = (ring-\u003eidx + skb_queue_len(\u0026ring-\u003equeue)) % ring-\u003eentries\n\n\"ring-\u003eentries\" is zero for rtl8180/rtl8185 cards, tx_ring[2] never got\ninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49326",
"url": "https://www.suse.com/security/cve/CVE-2022-49326"
},
{
"category": "external",
"summary": "SUSE Bug 1238646 for CVE-2022-49326",
"url": "https://bugzilla.suse.com/1238646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49326"
},
{
"cve": "CVE-2022-49371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49371"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix deadlock in __device_attach\n\nIn __device_attach function, The lock holding logic is as follows:\n...\n__device_attach\ndevice_lock(dev) // get lock dev\n async_schedule_dev(__device_attach_async_helper, dev); // func\n async_schedule_node\n async_schedule_node_domain(func)\n entry = kzalloc(sizeof(struct async_entry), GFP_ATOMIC);\n\t/* when fail or work limit, sync to execute func, but\n\t __device_attach_async_helper will get lock dev as\n\t well, which will lead to A-A deadlock. */\n\tif (!entry || atomic_read(\u0026entry_count) \u003e MAX_WORK) {\n\t func;\n\telse\n\t queue_work_node(node, system_unbound_wq, \u0026entry-\u003ework)\n device_unlock(dev)\n\nAs shown above, when it is allowed to do async probes, because of\nout of memory or work limit, async work is not allowed, to do\nsync execute instead. it will lead to A-A deadlock because of\n__device_attach_async_helper getting lock dev.\n\nTo fix the deadlock, move the async_schedule_dev outside device_lock,\nas we can see, in async_schedule_node_domain, the parameter of\nqueue_work_node is system_unbound_wq, so it can accept concurrent\noperations. which will also not change the code logic, and will\nnot lead to deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49371",
"url": "https://www.suse.com/security/cve/CVE-2022-49371"
},
{
"category": "external",
"summary": "SUSE Bug 1238546 for CVE-2022-49371",
"url": "https://bugzilla.suse.com/1238546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49371"
},
{
"cve": "CVE-2022-49382",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49382"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: rockchip: Fix refcount leak in rockchip_grf_init\n\nof_find_matching_node_and_match returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49382",
"url": "https://www.suse.com/security/cve/CVE-2022-49382"
},
{
"category": "external",
"summary": "SUSE Bug 1238306 for CVE-2022-49382",
"url": "https://bugzilla.suse.com/1238306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49382"
},
{
"cve": "CVE-2022-49396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom-qmp: fix reset-controller leak on probe errors\n\nMake sure to release the lane reset controller in case of a late probe\nerror (e.g. probe deferral).\n\nNote that due to the reset controller being defined in devicetree in\n\"lane\" child nodes, devm_reset_control_get_exclusive() cannot be used\ndirectly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49396",
"url": "https://www.suse.com/security/cve/CVE-2022-49396"
},
{
"category": "external",
"summary": "SUSE Bug 1238289 for CVE-2022-49396",
"url": "https://bugzilla.suse.com/1238289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49396"
},
{
"cve": "CVE-2022-49420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49420"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: annotate races around sk-\u003esk_bound_dev_if\n\nUDP sendmsg() is lockless, and reads sk-\u003esk_bound_dev_if while\nthis field can be changed by another thread.\n\nAdds minimal annotations to avoid KCSAN splats for UDP.\nFollowing patches will add more annotations to potential lockless readers.\n\nBUG: KCSAN: data-race in __ip6_datagram_connect / udpv6_sendmsg\n\nwrite to 0xffff888136d47a94 of 4 bytes by task 7681 on cpu 0:\n __ip6_datagram_connect+0x6e2/0x930 net/ipv6/datagram.c:221\n ip6_datagram_connect+0x2a/0x40 net/ipv6/datagram.c:272\n inet_dgram_connect+0x107/0x190 net/ipv4/af_inet.c:576\n __sys_connect_file net/socket.c:1900 [inline]\n __sys_connect+0x197/0x1b0 net/socket.c:1917\n __do_sys_connect net/socket.c:1927 [inline]\n __se_sys_connect net/socket.c:1924 [inline]\n __x64_sys_connect+0x3d/0x50 net/socket.c:1924\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nread to 0xffff888136d47a94 of 4 bytes by task 7670 on cpu 1:\n udpv6_sendmsg+0xc60/0x16e0 net/ipv6/udp.c:1436\n inet6_sendmsg+0x5f/0x80 net/ipv6/af_inet6.c:652\n sock_sendmsg_nosec net/socket.c:705 [inline]\n sock_sendmsg net/socket.c:725 [inline]\n ____sys_sendmsg+0x39a/0x510 net/socket.c:2413\n ___sys_sendmsg net/socket.c:2467 [inline]\n __sys_sendmmsg+0x267/0x4c0 net/socket.c:2553\n __do_sys_sendmmsg net/socket.c:2582 [inline]\n __se_sys_sendmmsg net/socket.c:2579 [inline]\n __x64_sys_sendmmsg+0x53/0x60 net/socket.c:2579\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nvalue changed: 0x00000000 -\u003e 0xffffff9b\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 7670 Comm: syz-executor.3 Tainted: G W 5.18.0-rc1-syzkaller-dirty #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\n\nI chose to not add Fixes: tag because race has minor consequences\nand stable teams busy enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49420",
"url": "https://www.suse.com/security/cve/CVE-2022-49420"
},
{
"category": "external",
"summary": "SUSE Bug 1238887 for CVE-2022-49420",
"url": "https://bugzilla.suse.com/1238887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49420"
},
{
"cve": "CVE-2022-49441",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49441"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: fix deadlock caused by calling printk() under tty_port-\u003elock\n\npty_write() invokes kmalloc() which may invoke a normal printk() to print\nfailure message. This can cause a deadlock in the scenario reported by\nsyz-bot below:\n\n CPU0 CPU1 CPU2\n ---- ---- ----\n lock(console_owner);\n lock(\u0026port_lock_key);\n lock(\u0026port-\u003elock);\n lock(\u0026port_lock_key);\n lock(\u0026port-\u003elock);\n lock(console_owner);\n\nAs commit dbdda842fe96 (\"printk: Add console owner and waiter logic to\nload balance console writes\") said, such deadlock can be prevented by\nusing printk_deferred() in kmalloc() (which is invoked in the section\nguarded by the port-\u003elock). But there are too many printk() on the\nkmalloc() path, and kmalloc() can be called from anywhere, so changing\nprintk() to printk_deferred() is too complicated and inelegant.\n\nTherefore, this patch chooses to specify __GFP_NOWARN to kmalloc(), so\nthat printk() will not be called, and this deadlock problem can be\navoided.\n\nSyzbot reported the following lockdep error:\n\n======================================================\nWARNING: possible circular locking dependency detected\n5.4.143-00237-g08ccc19a-dirty #10 Not tainted\n------------------------------------------------------\nsyz-executor.4/29420 is trying to acquire lock:\nffffffff8aedb2a0 (console_owner){....}-{0:0}, at: console_trylock_spinning kernel/printk/printk.c:1752 [inline]\nffffffff8aedb2a0 (console_owner){....}-{0:0}, at: vprintk_emit+0x2ca/0x470 kernel/printk/printk.c:2023\n\nbut task is already holding lock:\nffff8880119c9158 (\u0026port-\u003elock){-.-.}-{2:2}, at: pty_write+0xf4/0x1f0 drivers/tty/pty.c:120\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #2 (\u0026port-\u003elock){-.-.}-{2:2}:\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x35/0x50 kernel/locking/spinlock.c:159\n tty_port_tty_get drivers/tty/tty_port.c:288 [inline] \t\t\u003c-- lock(\u0026port-\u003elock);\n tty_port_default_wakeup+0x1d/0xb0 drivers/tty/tty_port.c:47\n serial8250_tx_chars+0x530/0xa80 drivers/tty/serial/8250/8250_port.c:1767\n serial8250_handle_irq.part.0+0x31f/0x3d0 drivers/tty/serial/8250/8250_port.c:1854\n serial8250_handle_irq drivers/tty/serial/8250/8250_port.c:1827 [inline] \t\u003c-- lock(\u0026port_lock_key);\n serial8250_default_handle_irq+0xb2/0x220 drivers/tty/serial/8250/8250_port.c:1870\n serial8250_interrupt+0xfd/0x200 drivers/tty/serial/8250/8250_core.c:126\n __handle_irq_event_percpu+0x109/0xa50 kernel/irq/handle.c:156\n [...]\n\n-\u003e #1 (\u0026port_lock_key){-.-.}-{2:2}:\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0x35/0x50 kernel/locking/spinlock.c:159\n serial8250_console_write+0x184/0xa40 drivers/tty/serial/8250/8250_port.c:3198\n\t\t\t\t\t\t\t\t\t\t\u003c-- lock(\u0026port_lock_key);\n call_console_drivers kernel/printk/printk.c:1819 [inline]\n console_unlock+0x8cb/0xd00 kernel/printk/printk.c:2504\n vprintk_emit+0x1b5/0x470 kernel/printk/printk.c:2024\t\t\t\u003c-- lock(console_owner);\n vprintk_func+0x8d/0x250 kernel/printk/printk_safe.c:394\n printk+0xba/0xed kernel/printk/printk.c:2084\n register_console+0x8b3/0xc10 kernel/printk/printk.c:2829\n univ8250_console_init+0x3a/0x46 drivers/tty/serial/8250/8250_core.c:681\n console_init+0x49d/0x6d3 kernel/printk/printk.c:2915\n start_kernel+0x5e9/0x879 init/main.c:713\n secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:241\n\n-\u003e #0 (console_owner){....}-{0:0}:\n [...]\n lock_acquire+0x127/0x340 kernel/locking/lockdep.c:4734\n console_trylock_spinning kernel/printk/printk.c:1773 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49441",
"url": "https://www.suse.com/security/cve/CVE-2022-49441"
},
{
"category": "external",
"summary": "SUSE Bug 1238263 for CVE-2022-49441",
"url": "https://bugzilla.suse.com/1238263"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49441"
},
{
"cve": "CVE-2022-49445",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49445"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()\n\nIt will cause null-ptr-deref when using \u0027res\u0027, if platform_get_resource()\nreturns NULL, so move using \u0027res\u0027 after devm_ioremap_resource() that\nwill check it to avoid null-ptr-deref.\nAnd use devm_platform_get_and_ioremap_resource() to simplify code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49445",
"url": "https://www.suse.com/security/cve/CVE-2022-49445"
},
{
"category": "external",
"summary": "SUSE Bug 1238019 for CVE-2022-49445",
"url": "https://bugzilla.suse.com/1238019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49445"
},
{
"cve": "CVE-2022-49460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49460"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: rk3399_dmc: Disable edev on remove()\n\nOtherwise we hit an unablanced enable-count when unbinding the DFI\ndevice:\n\n[ 1279.659119] ------------[ cut here ]------------\n[ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreq_event_remove_edev+0x84/0x8c\n...\n[ 1279.659352] Hardware name: Google Kevin (DT)\n[ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\n[ 1279.659371] pc : devfreq_event_remove_edev+0x84/0x8c\n[ 1279.659380] lr : devm_devfreq_event_release+0x1c/0x28\n...\n[ 1279.659571] Call trace:\n[ 1279.659582] devfreq_event_remove_edev+0x84/0x8c\n[ 1279.659590] devm_devfreq_event_release+0x1c/0x28\n[ 1279.659602] release_nodes+0x1cc/0x244\n[ 1279.659611] devres_release_all+0x44/0x60\n[ 1279.659621] device_release_driver_internal+0x11c/0x1ac\n[ 1279.659629] device_driver_detach+0x20/0x2c\n[ 1279.659641] unbind_store+0x7c/0xb0\n[ 1279.659650] drv_attr_store+0x2c/0x40\n[ 1279.659663] sysfs_kf_write+0x44/0x58\n[ 1279.659672] kernfs_fop_write_iter+0xf4/0x190\n[ 1279.659684] vfs_write+0x2b0/0x2e4\n[ 1279.659693] ksys_write+0x80/0xec\n[ 1279.659701] __arm64_sys_write+0x24/0x30\n[ 1279.659714] el0_svc_common+0xf0/0x1d8\n[ 1279.659724] do_el0_svc_compat+0x28/0x3c\n[ 1279.659738] el0_svc_compat+0x10/0x1c\n[ 1279.659746] el0_sync_compat_handler+0xa8/0xcc\n[ 1279.659758] el0_sync_compat+0x188/0x1c0\n[ 1279.659768] ---[ end trace cec200e5094155b4 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49460",
"url": "https://www.suse.com/security/cve/CVE-2022-49460"
},
{
"category": "external",
"summary": "SUSE Bug 1238892 for CVE-2022-49460",
"url": "https://bugzilla.suse.com/1238892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49460"
},
{
"cve": "CVE-2022-49467",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49467"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: msm: fix possible memory leak in mdp5_crtc_cursor_set()\n\ndrm_gem_object_lookup will call drm_gem_object_get inside. So cursor_bo\nneeds to be put when msm_gem_get_and_pin_iova fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49467",
"url": "https://www.suse.com/security/cve/CVE-2022-49467"
},
{
"category": "external",
"summary": "SUSE Bug 1238815 for CVE-2022-49467",
"url": "https://bugzilla.suse.com/1238815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49467"
},
{
"cve": "CVE-2022-49474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout\n\nConnecting the same socket twice consecutively in sco_sock_connect()\ncould lead to a race condition where two sco_conn objects are created\nbut only one is associated with the socket. If the socket is closed\nbefore the SCO connection is established, the timer associated with the\ndangling sco_conn object won\u0027t be canceled. As the sock object is being\nfreed, the use-after-free problem happens when the timer callback\nfunction sco_sock_timeout() accesses the socket. Here\u0027s the call trace:\n\ndump_stack+0x107/0x163\n? refcount_inc+0x1c/\nprint_address_description.constprop.0+0x1c/0x47e\n? refcount_inc+0x1c/0x7b\nkasan_report+0x13a/0x173\n? refcount_inc+0x1c/0x7b\ncheck_memory_region+0x132/0x139\nrefcount_inc+0x1c/0x7b\nsco_sock_timeout+0xb2/0x1ba\nprocess_one_work+0x739/0xbd1\n? cancel_delayed_work+0x13f/0x13f\n? __raw_spin_lock_init+0xf0/0xf0\n? to_kthread+0x59/0x85\nworker_thread+0x593/0x70e\nkthread+0x346/0x35a\n? drain_workqueue+0x31a/0x31a\n? kthread_bind+0x4b/0x4b\nret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49474",
"url": "https://www.suse.com/security/cve/CVE-2022-49474"
},
{
"category": "external",
"summary": "SUSE Bug 1238071 for CVE-2022-49474",
"url": "https://bugzilla.suse.com/1238071"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49474"
},
{
"cve": "CVE-2022-49491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: vop: fix possible null-ptr-deref in vop_bind()\n\nIt will cause null-ptr-deref in resource_size(), if platform_get_resource()\nreturns NULL, move calling resource_size() after devm_ioremap_resource() that\nwill check \u0027res\u0027 to avoid null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49491",
"url": "https://www.suse.com/security/cve/CVE-2022-49491"
},
{
"category": "external",
"summary": "SUSE Bug 1238539 for CVE-2022-49491",
"url": "https://bugzilla.suse.com/1238539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49491"
},
{
"cve": "CVE-2022-49503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k_htc: fix potential out of bounds access with invalid rxstatus-\u003ers_keyix\n\nThe \"rxstatus-\u003ers_keyix\" eventually gets passed to test_bit() so we need to\nensure that it is within the bitmap.\n\ndrivers/net/wireless/ath/ath9k/common.c:46 ath9k_cmn_rx_accept()\nerror: passing untrusted data \u0027rx_stats-\u003ers_keyix\u0027 to \u0027test_bit()\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49503",
"url": "https://www.suse.com/security/cve/CVE-2022-49503"
},
{
"category": "external",
"summary": "SUSE Bug 1238868 for CVE-2022-49503",
"url": "https://bugzilla.suse.com/1238868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49503"
},
{
"cve": "CVE-2022-49592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix dma queue left shift overflow issue\n\nWhen queue number is \u003e 4, left shift overflows due to 32 bits\ninteger variable. Mask calculation is wrong for MTL_RXQ_DMA_MAP1.\n\nIf CONFIG_UBSAN is enabled, kernel dumps below warning:\n[ 10.363842] ==================================================================\n[ 10.363882] UBSAN: shift-out-of-bounds in /build/linux-intel-iotg-5.15-8e6Tf4/\nlinux-intel-iotg-5.15-5.15.0/drivers/net/ethernet/stmicro/stmmac/dwmac4_core.c:224:12\n[ 10.363929] shift exponent 40 is too large for 32-bit type \u0027unsigned int\u0027\n[ 10.363953] CPU: 1 PID: 599 Comm: NetworkManager Not tainted 5.15.0-1003-intel-iotg\n[ 10.363956] Hardware name: ADLINK Technology Inc. LEC-EL/LEC-EL, BIOS 0.15.11 12/22/2021\n[ 10.363958] Call Trace:\n[ 10.363960] \u003cTASK\u003e\n[ 10.363963] dump_stack_lvl+0x4a/0x5f\n[ 10.363971] dump_stack+0x10/0x12\n[ 10.363974] ubsan_epilogue+0x9/0x45\n[ 10.363976] __ubsan_handle_shift_out_of_bounds.cold+0x61/0x10e\n[ 10.363979] ? wake_up_klogd+0x4a/0x50\n[ 10.363983] ? vprintk_emit+0x8f/0x240\n[ 10.363986] dwmac4_map_mtl_dma.cold+0x42/0x91 [stmmac]\n[ 10.364001] stmmac_mtl_configuration+0x1ce/0x7a0 [stmmac]\n[ 10.364009] ? dwmac410_dma_init_channel+0x70/0x70 [stmmac]\n[ 10.364020] stmmac_hw_setup.cold+0xf/0xb14 [stmmac]\n[ 10.364030] ? page_pool_alloc_pages+0x4d/0x70\n[ 10.364034] ? stmmac_clear_tx_descriptors+0x6e/0xe0 [stmmac]\n[ 10.364042] stmmac_open+0x39e/0x920 [stmmac]\n[ 10.364050] __dev_open+0xf0/0x1a0\n[ 10.364054] __dev_change_flags+0x188/0x1f0\n[ 10.364057] dev_change_flags+0x26/0x60\n[ 10.364059] do_setlink+0x908/0xc40\n[ 10.364062] ? do_setlink+0xb10/0xc40\n[ 10.364064] ? __nla_validate_parse+0x4c/0x1a0\n[ 10.364068] __rtnl_newlink+0x597/0xa10\n[ 10.364072] ? __nla_reserve+0x41/0x50\n[ 10.364074] ? __kmalloc_node_track_caller+0x1d0/0x4d0\n[ 10.364079] ? pskb_expand_head+0x75/0x310\n[ 10.364082] ? nla_reserve_64bit+0x21/0x40\n[ 10.364086] ? skb_free_head+0x65/0x80\n[ 10.364089] ? security_sock_rcv_skb+0x2c/0x50\n[ 10.364094] ? __cond_resched+0x19/0x30\n[ 10.364097] ? kmem_cache_alloc_trace+0x15a/0x420\n[ 10.364100] rtnl_newlink+0x49/0x70\n\nThis change fixes MTL_RXQ_DMA_MAP1 mask issue and channel/queue\nmapping warning.\n\nBugLink: https://bugzilla.kernel.org/show_bug.cgi?id=216195",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49592",
"url": "https://www.suse.com/security/cve/CVE-2022-49592"
},
{
"category": "external",
"summary": "SUSE Bug 1238311 for CVE-2022-49592",
"url": "https://bugzilla.suse.com/1238311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49592"
},
{
"cve": "CVE-2022-49625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49625"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix kernel panic when creating VF\n\nWhen creating VFs a kernel panic can happen when calling to\nefx_ef10_try_update_nic_stats_vf.\n\nWhen releasing a DMA coherent buffer, sometimes, I don\u0027t know in what\nspecific circumstances, it has to unmap memory with vunmap. It is\ndisallowed to do that in IRQ context or with BH disabled. Otherwise, we\nhit this line in vunmap, causing the crash:\n BUG_ON(in_interrupt());\n\nThis patch reenables BH to release the buffer.\n\nLog messages when the bug is hit:\n kernel BUG at mm/vmalloc.c:2727!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 6 PID: 1462 Comm: NetworkManager Kdump: loaded Tainted: G I --------- --- 5.14.0-119.el9.x86_64 #1\n Hardware name: Dell Inc. PowerEdge R740/06WXJT, BIOS 2.8.2 08/27/2020\n RIP: 0010:vunmap+0x2e/0x30\n ...skip...\n Call Trace:\n __iommu_dma_free+0x96/0x100\n efx_nic_free_buffer+0x2b/0x40 [sfc]\n efx_ef10_try_update_nic_stats_vf+0x14a/0x1c0 [sfc]\n efx_ef10_update_stats_vf+0x18/0x40 [sfc]\n efx_start_all+0x15e/0x1d0 [sfc]\n efx_net_open+0x5a/0xe0 [sfc]\n __dev_open+0xe7/0x1a0\n __dev_change_flags+0x1d7/0x240\n dev_change_flags+0x21/0x60\n ...skip...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49625",
"url": "https://www.suse.com/security/cve/CVE-2022-49625"
},
{
"category": "external",
"summary": "SUSE Bug 1238411 for CVE-2022-49625",
"url": "https://bugzilla.suse.com/1238411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49625"
},
{
"cve": "CVE-2022-49635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/selftests: fix subtraction overflow bug\n\nOn some machines hole_end can be small enough to cause subtraction\noverflow. On the other side (addr + 2 * min_alignment) can overflow\nin case of mock tests. This patch should handle both cases.\n\n(cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49635",
"url": "https://www.suse.com/security/cve/CVE-2022-49635"
},
{
"category": "external",
"summary": "SUSE Bug 1238806 for CVE-2022-49635",
"url": "https://bugzilla.suse.com/1238806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49635"
},
{
"cve": "CVE-2022-49652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate\n\nof_parse_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not needed anymore.\n\nAdd missing of_node_put() in to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49652",
"url": "https://www.suse.com/security/cve/CVE-2022-49652"
},
{
"category": "external",
"summary": "SUSE Bug 1238871 for CVE-2022-49652",
"url": "https://bugzilla.suse.com/1238871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49652"
},
{
"cve": "CVE-2022-49715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions\n\nof_find_node_by_phandle() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49715",
"url": "https://www.suse.com/security/cve/CVE-2022-49715"
},
{
"category": "external",
"summary": "SUSE Bug 1238818 for CVE-2022-49715",
"url": "https://bugzilla.suse.com/1238818"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49715"
},
{
"cve": "CVE-2022-49728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix signed integer overflow in __ip6_append_data\n\nResurrect ubsan overflow checks and ubsan report this warning,\nfix it by change the variable [length] type to size_t.\n\nUBSAN: signed-integer-overflow in net/ipv6/ip6_output.c:1489:19\n2147479552 + 8567 cannot be represented in type \u0027int\u0027\nCPU: 0 PID: 253 Comm: err Not tainted 5.16.0+ #1\nHardware name: linux,dummy-virt (DT)\nCall trace:\n dump_backtrace+0x214/0x230\n show_stack+0x30/0x78\n dump_stack_lvl+0xf8/0x118\n dump_stack+0x18/0x30\n ubsan_epilogue+0x18/0x60\n handle_overflow+0xd0/0xf0\n __ubsan_handle_add_overflow+0x34/0x44\n __ip6_append_data.isra.48+0x1598/0x1688\n ip6_append_data+0x128/0x260\n udpv6_sendmsg+0x680/0xdd0\n inet6_sendmsg+0x54/0x90\n sock_sendmsg+0x70/0x88\n ____sys_sendmsg+0xe8/0x368\n ___sys_sendmsg+0x98/0xe0\n __sys_sendmmsg+0xf4/0x3b8\n __arm64_sys_sendmmsg+0x34/0x48\n invoke_syscall+0x64/0x160\n el0_svc_common.constprop.4+0x124/0x300\n do_el0_svc+0x44/0xc8\n el0_svc+0x3c/0x1e8\n el0t_64_sync_handler+0x88/0xb0\n el0t_64_sync+0x16c/0x170\n\nChanges since v1:\n-Change the variable [length] type to unsigned, as Eric Dumazet suggested.\nChanges since v2:\n-Don\u0027t change exthdrlen type in ip6_make_skb, as Paolo Abeni suggested.\nChanges since v3:\n-Don\u0027t change ulen type in udpv6_sendmsg and l2tp_ip6_sendmsg, as\nJakub Kicinski suggested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49728",
"url": "https://www.suse.com/security/cve/CVE-2022-49728"
},
{
"category": "external",
"summary": "SUSE Bug 1239111 for CVE-2022-49728",
"url": "https://bugzilla.suse.com/1239111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49728"
},
{
"cve": "CVE-2022-49729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred\n\nSimilar to the handling of play_deferred in commit 19cfe912c37b\n(\"Bluetooth: btusb: Fix memory leak in play_deferred\"), we thought\na patch might be needed here as well.\n\nCurrently usb_submit_urb is called directly to submit deferred tx\nurbs after unanchor them.\n\nSo the usb_giveback_urb_bh would failed to unref it in usb_unanchor_urb\nand cause memory leak.\n\nPut those urbs in tx_anchor to avoid the leak, and also fix the error\nhandling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49729",
"url": "https://www.suse.com/security/cve/CVE-2022-49729"
},
{
"category": "external",
"summary": "SUSE Bug 1239060 for CVE-2022-49729",
"url": "https://bugzilla.suse.com/1239060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "low"
}
],
"title": "CVE-2022-49729"
},
{
"cve": "CVE-2022-49751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nw1: fix WARNING after calling w1_process()\n\nI got the following WARNING message while removing driver(ds2482):\n\n------------[ cut here ]------------\ndo not call blocking ops when !TASK_RUNNING; state=1 set at [\u003c000000002d50bfb6\u003e] w1_process+0x9e/0x1d0 [wire]\nWARNING: CPU: 0 PID: 262 at kernel/sched/core.c:9817 __might_sleep+0x98/0xa0\nCPU: 0 PID: 262 Comm: w1_bus_master1 Tainted: G N 6.1.0-rc3+ #307\nRIP: 0010:__might_sleep+0x98/0xa0\nCall Trace:\n exit_signals+0x6c/0x550\n do_exit+0x2b4/0x17e0\n kthread_exit+0x52/0x60\n kthread+0x16d/0x1e0\n ret_from_fork+0x1f/0x30\n\nThe state of task is set to TASK_INTERRUPTIBLE in loop in w1_process(),\nset it to TASK_RUNNING when it breaks out of the loop to avoid the\nwarning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49751",
"url": "https://www.suse.com/security/cve/CVE-2022-49751"
},
{
"category": "external",
"summary": "SUSE Bug 1240254 for CVE-2022-49751",
"url": "https://bugzilla.suse.com/1240254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49751"
},
{
"cve": "CVE-2022-49761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: always report error in run_one_delayed_ref()\n\nCurrently we have a btrfs_debug() for run_one_delayed_ref() failure, but\nif end users hit such problem, there will be no chance that\nbtrfs_debug() is enabled. This can lead to very little useful info for\ndebugging.\n\nThis patch will:\n\n- Add extra info for error reporting\n Including:\n * logical bytenr\n * num_bytes\n * type\n * action\n * ref_mod\n\n- Replace the btrfs_debug() with btrfs_err()\n\n- Move the error reporting into run_one_delayed_ref()\n This is to avoid use-after-free, the @node can be freed in the caller.\n\nThis error should only be triggered at most once.\n\nAs if run_one_delayed_ref() failed, we trigger the error message, then\ncausing the call chain to error out:\n\nbtrfs_run_delayed_refs()\n`- btrfs_run_delayed_refs()\n `- btrfs_run_delayed_refs_for_head()\n `- run_one_delayed_ref()\n\nAnd we will abort the current transaction in btrfs_run_delayed_refs().\nIf we have to run delayed refs for the abort transaction,\nrun_one_delayed_ref() will just cleanup the refs and do nothing, thus no\nnew error messages would be output.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49761",
"url": "https://www.suse.com/security/cve/CVE-2022-49761"
},
{
"category": "external",
"summary": "SUSE Bug 1240261 for CVE-2022-49761",
"url": "https://bugzilla.suse.com/1240261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49761"
},
{
"cve": "CVE-2022-49769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Check sb_bsize_shift after reading superblock\n\nFuzzers like to scribble over sb_bsize_shift but in reality it\u0027s very\nunlikely that this field would be corrupted on its own. Nevertheless it\nshould be checked to avoid the possibility of messy mount errors due to\nbad calculations. It\u0027s always a fixed value based on the block size so\nwe can just check that it\u0027s the expected value.\n\nTested with:\n\n mkfs.gfs2 -O -p lock_nolock /dev/vdb\n for i in 0 -1 64 65 32 33; do\n gfs2_edit -p sb field sb_bsize_shift $i /dev/vdb\n mount /dev/vdb /mnt/test \u0026\u0026 umount /mnt/test\n done\n\nBefore this patch we get a withdraw after\n\n[ 76.413681] gfs2: fsid=loop0.0: fatal: invalid metadata block\n[ 76.413681] bh = 19 (type: exp=5, found=4)\n[ 76.413681] function = gfs2_meta_buffer, file = fs/gfs2/meta_io.c, line = 492\n\nand with UBSAN configured we also get complaints like\n\n[ 76.373395] UBSAN: shift-out-of-bounds in fs/gfs2/ops_fstype.c:295:19\n[ 76.373815] shift exponent 4294967287 is too large for 64-bit type \u0027long unsigned int\u0027\n\nAfter the patch, these complaints don\u0027t appear, mount fails immediately\nand we get an explanation in dmesg.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49769",
"url": "https://www.suse.com/security/cve/CVE-2022-49769"
},
{
"category": "external",
"summary": "SUSE Bug 1242440 for CVE-2022-49769",
"url": "https://bugzilla.suse.com/1242440"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49769"
},
{
"cve": "CVE-2022-49771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm ioctl: fix misbehavior if list_versions races with module loading\n\n__list_versions will first estimate the required space using the\n\"dm_target_iterate(list_version_get_needed, \u0026needed)\" call and then will\nfill the space using the \"dm_target_iterate(list_version_get_info,\n\u0026iter_info)\" call. Each of these calls locks the targets using the\n\"down_read(\u0026_lock)\" and \"up_read(\u0026_lock)\" calls, however between the first\nand second \"dm_target_iterate\" there is no lock held and the target\nmodules can be loaded at this point, so the second \"dm_target_iterate\"\ncall may need more space than what was the first \"dm_target_iterate\"\nreturned.\n\nThe code tries to handle this overflow (see the beginning of\nlist_version_get_info), however this handling is incorrect.\n\nThe code sets \"param-\u003edata_size = param-\u003edata_start + needed\" and\n\"iter_info.end = (char *)vers+len\" - \"needed\" is the size returned by the\nfirst dm_target_iterate call; \"len\" is the size of the buffer allocated by\nuserspace.\n\n\"len\" may be greater than \"needed\"; in this case, the code will write up\nto \"len\" bytes into the buffer, however param-\u003edata_size is set to\n\"needed\", so it may write data past the param-\u003edata_size value. The ioctl\ninterface copies only up to param-\u003edata_size into userspace, thus part of\nthe result will be truncated.\n\nFix this bug by setting \"iter_info.end = (char *)vers + needed;\" - this\nguarantees that the second \"dm_target_iterate\" call will write only up to\nthe \"needed\" buffer and it will exit with \"DM_BUFFER_FULL_FLAG\" if it\noverflows the \"needed\" space - in this case, userspace will allocate a\nlarger buffer and retry.\n\nNote that there is also a bug in list_version_get_needed - we need to add\n\"strlen(tt-\u003ename) + 1\" to the needed size, not \"strlen(tt-\u003ename)\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49771",
"url": "https://www.suse.com/security/cve/CVE-2022-49771"
},
{
"category": "external",
"summary": "SUSE Bug 1242686 for CVE-2022-49771",
"url": "https://bugzilla.suse.com/1242686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49771"
},
{
"cve": "CVE-2022-49772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()\n\nsnd_usbmidi_output_open() has a check of the NULL port with\nsnd_BUG_ON(). snd_BUG_ON() was used as this shouldn\u0027t have happened,\nbut in reality, the NULL port may be seen when the device gives an\ninvalid endpoint setup at the descriptor, hence the driver skips the\nallocation. That is, the check itself is valid and snd_BUG_ON()\nshould be dropped from there. Otherwise it\u0027s confusing as if it were\na real bug, as recently syzbot stumbled on it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49772",
"url": "https://www.suse.com/security/cve/CVE-2022-49772"
},
{
"category": "external",
"summary": "SUSE Bug 1242147 for CVE-2022-49772",
"url": "https://bugzilla.suse.com/1242147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49772"
},
{
"cve": "CVE-2022-49775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: cdg: allow tcp_cdg_release() to be called multiple times\n\nApparently, mptcp is able to call tcp_disconnect() on an already\ndisconnected flow. This is generally fine, unless current congestion\ncontrol is CDG, because it might trigger a double-free [1]\n\nInstead of fixing MPTCP, and future bugs, we can make tcp_disconnect()\nmore resilient.\n\n[1]\nBUG: KASAN: double-free in slab_free mm/slub.c:3539 [inline]\nBUG: KASAN: double-free in kfree+0xe2/0x580 mm/slub.c:4567\n\nCPU: 0 PID: 3645 Comm: kworker/0:7 Not tainted 6.0.0-syzkaller-02734-g0326074ff465 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022\nWorkqueue: events mptcp_worker\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x719 mm/kasan/report.c:433\nkasan_report_invalid_free+0x81/0x190 mm/kasan/report.c:462\n____kasan_slab_free+0x18b/0x1c0 mm/kasan/common.c:356\nkasan_slab_free include/linux/kasan.h:200 [inline]\nslab_free_hook mm/slub.c:1759 [inline]\nslab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1785\nslab_free mm/slub.c:3539 [inline]\nkfree+0xe2/0x580 mm/slub.c:4567\ntcp_disconnect+0x980/0x1e20 net/ipv4/tcp.c:3145\n__mptcp_close_ssk+0x5ca/0x7e0 net/mptcp/protocol.c:2327\nmptcp_do_fastclose net/mptcp/protocol.c:2592 [inline]\nmptcp_worker+0x78c/0xff0 net/mptcp/protocol.c:2627\nprocess_one_work+0x991/0x1610 kernel/workqueue.c:2289\nworker_thread+0x665/0x1080 kernel/workqueue.c:2436\nkthread+0x2e4/0x3a0 kernel/kthread.c:376\nret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n\u003c/TASK\u003e\n\nAllocated by task 3671:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\nkasan_set_track mm/kasan/common.c:45 [inline]\nset_alloc_info mm/kasan/common.c:437 [inline]\n____kasan_kmalloc mm/kasan/common.c:516 [inline]\n____kasan_kmalloc mm/kasan/common.c:475 [inline]\n__kasan_kmalloc+0xa9/0xd0 mm/kasan/common.c:525\nkmalloc_array include/linux/slab.h:640 [inline]\nkcalloc include/linux/slab.h:671 [inline]\ntcp_cdg_init+0x10d/0x170 net/ipv4/tcp_cdg.c:380\ntcp_init_congestion_control+0xab/0x550 net/ipv4/tcp_cong.c:193\ntcp_reinit_congestion_control net/ipv4/tcp_cong.c:217 [inline]\ntcp_set_congestion_control+0x96c/0xaa0 net/ipv4/tcp_cong.c:391\ndo_tcp_setsockopt+0x505/0x2320 net/ipv4/tcp.c:3513\ntcp_setsockopt+0xd4/0x100 net/ipv4/tcp.c:3801\nmptcp_setsockopt+0x35f/0x2570 net/mptcp/sockopt.c:844\n__sys_setsockopt+0x2d6/0x690 net/socket.c:2252\n__do_sys_setsockopt net/socket.c:2263 [inline]\n__se_sys_setsockopt net/socket.c:2260 [inline]\n__x64_sys_setsockopt+0xba/0x150 net/socket.c:2260\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nFreed by task 16:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\nkasan_set_track+0x21/0x30 mm/kasan/common.c:45\nkasan_set_free_info+0x20/0x30 mm/kasan/generic.c:370\n____kasan_slab_free mm/kasan/common.c:367 [inline]\n____kasan_slab_free+0x166/0x1c0 mm/kasan/common.c:329\nkasan_slab_free include/linux/kasan.h:200 [inline]\nslab_free_hook mm/slub.c:1759 [inline]\nslab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1785\nslab_free mm/slub.c:3539 [inline]\nkfree+0xe2/0x580 mm/slub.c:4567\ntcp_cleanup_congestion_control+0x70/0x120 net/ipv4/tcp_cong.c:226\ntcp_v4_destroy_sock+0xdd/0x750 net/ipv4/tcp_ipv4.c:2254\ntcp_v6_destroy_sock+0x11/0x20 net/ipv6/tcp_ipv6.c:1969\ninet_csk_destroy_sock+0x196/0x440 net/ipv4/inet_connection_sock.c:1157\ntcp_done+0x23b/0x340 net/ipv4/tcp.c:4649\ntcp_rcv_state_process+0x40e7/0x4990 net/ipv4/tcp_input.c:6624\ntcp_v6_do_rcv+0x3fc/0x13c0 net/ipv6/tcp_ipv6.c:1525\ntcp_v6_rcv+0x2e8e/0x3830 net/ipv6/tcp_ipv6.c:1759\nip6_protocol_deliver_rcu+0x2db/0x1950 net/ipv6/ip6_input.c:439\nip6_input_finish+0x14c/0x2c0 net/ipv6/ip6_input.c:484\nNF_HOOK include/linux/netfilter.h:302 [inline]\nNF_HOOK include/linux/netfilter.h:296 [inline]\nip6_input+0x9c/0xd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49775",
"url": "https://www.suse.com/security/cve/CVE-2022-49775"
},
{
"category": "external",
"summary": "SUSE Bug 1242245 for CVE-2022-49775",
"url": "https://bugzilla.suse.com/1242245"
},
{
"category": "external",
"summary": "SUSE Bug 1242257 for CVE-2022-49775",
"url": "https://bugzilla.suse.com/1242257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "important"
}
],
"title": "CVE-2022-49775"
},
{
"cve": "CVE-2022-49776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: enforce a consistent minimal mtu\n\nmacvlan should enforce a minimal mtu of 68, even at link creation.\n\nThis patch avoids the current behavior (which could lead to crashes\nin ipv6 stack if the link is brought up)\n\n$ ip link add macvlan1 link eno1 mtu 8 type macvlan # This should fail !\n$ ip link sh dev macvlan1\n5: macvlan1@eno1: \u003cBROADCAST,MULTICAST\u003e mtu 8 qdisc noop\n state DOWN mode DEFAULT group default qlen 1000\n link/ether 02:47:6c:24:74:82 brd ff:ff:ff:ff:ff:ff\n$ ip link set macvlan1 mtu 67\nError: mtu less than device minimum.\n$ ip link set macvlan1 mtu 68\n$ ip link set macvlan1 mtu 8\nError: mtu less than device minimum.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49776",
"url": "https://www.suse.com/security/cve/CVE-2022-49776"
},
{
"category": "external",
"summary": "SUSE Bug 1242248 for CVE-2022-49776",
"url": "https://bugzilla.suse.com/1242248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49776"
},
{
"cve": "CVE-2022-49787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()\n\npci_get_device() will increase the reference count for the returned\npci_dev. We need to use pci_dev_put() to decrease the reference count\nbefore amd_probe() returns. There is no problem for the \u0027smbus_dev ==\nNULL\u0027 branch because pci_dev_put() can also handle the NULL input\nparameter case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49787",
"url": "https://www.suse.com/security/cve/CVE-2022-49787"
},
{
"category": "external",
"summary": "SUSE Bug 1242352 for CVE-2022-49787",
"url": "https://bugzilla.suse.com/1242352"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49787"
},
{
"cve": "CVE-2022-49788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()\n\n`struct vmci_event_qp` allocated by qp_notify_peer() contains padding,\nwhich may carry uninitialized data to the userspace, as observed by\nKMSAN:\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user ./include/linux/instrumented.h:121\n instrument_copy_to_user ./include/linux/instrumented.h:121\n _copy_to_user+0x5f/0xb0 lib/usercopy.c:33\n copy_to_user ./include/linux/uaccess.h:169\n vmci_host_do_receive_datagram drivers/misc/vmw_vmci/vmci_host.c:431\n vmci_host_unlocked_ioctl+0x33d/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:925\n vfs_ioctl fs/ioctl.c:51\n ...\n\n Uninit was stored to memory at:\n kmemdup+0x74/0xb0 mm/util.c:131\n dg_dispatch_as_host drivers/misc/vmw_vmci/vmci_datagram.c:271\n vmci_datagram_dispatch+0x4f8/0xfc0 drivers/misc/vmw_vmci/vmci_datagram.c:339\n qp_notify_peer+0x19a/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1479\n qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\n qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\n vmci_qp_broker_alloc+0x96/0xd0 drivers/misc/vmw_vmci/vmci_queue_pair.c:1940\n vmci_host_do_alloc_queuepair drivers/misc/vmw_vmci/vmci_host.c:488\n vmci_host_unlocked_ioctl+0x24fd/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:927\n ...\n\n Local variable ev created at:\n qp_notify_peer+0x54/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1456\n qp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\n qp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\n\n Bytes 28-31 of 48 are uninitialized\n Memory access of size 48 starts at ffff888035155e00\n Data copied to user address 0000000020000100\n\nUse memset() to prevent the infoleaks.\n\nAlso speculatively fix qp_notify_peer_local(), which may suffer from the\nsame problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49788",
"url": "https://www.suse.com/security/cve/CVE-2022-49788"
},
{
"category": "external",
"summary": "SUSE Bug 1242353 for CVE-2022-49788",
"url": "https://bugzilla.suse.com/1242353"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49788"
},
{
"cve": "CVE-2022-49789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: zfcp: Fix double free of FSF request when qdio send fails\n\nWe used to use the wrong type of integer in \u0027zfcp_fsf_req_send()\u0027 to cache\nthe FSF request ID when sending a new FSF request. This is used in case the\nsending fails and we need to remove the request from our internal hash\ntable again (so we don\u0027t keep an invalid reference and use it when we free\nthe request again).\n\nIn \u0027zfcp_fsf_req_send()\u0027 we used to cache the ID as \u0027int\u0027 (signed and 32\nbit wide), but the rest of the zfcp code (and the firmware specification)\nhandles the ID as \u0027unsigned long\u0027/\u0027u64\u0027 (unsigned and 64 bit wide [s390x\nELF ABI]). For one this has the obvious problem that when the ID grows\npast 32 bit (this can happen reasonably fast) it is truncated to 32 bit\nwhen storing it in the cache variable and so doesn\u0027t match the original ID\nanymore. The second less obvious problem is that even when the original ID\nhas not yet grown past 32 bit, as soon as the 32nd bit is set in the\noriginal ID (0x80000000 = 2\u0027147\u0027483\u0027648) we will have a mismatch when we\ncast it back to \u0027unsigned long\u0027. As the cached variable is of a signed\ntype, the compiler will choose a sign-extending instruction to load the 32\nbit variable into a 64 bit register (e.g.: \u0027lgf %r11,188(%r15)\u0027). So once\nwe pass the cached variable into \u0027zfcp_reqlist_find_rm()\u0027 to remove the\nrequest again all the leading zeros will be flipped to ones to extend the\nsign and won\u0027t match the original ID anymore (this has been observed in\npractice).\n\nIf we can\u0027t successfully remove the request from the hash table again after\n\u0027zfcp_qdio_send()\u0027 fails (this happens regularly when zfcp cannot notify\nthe adapter about new work because the adapter is already gone during\ne.g. a ChpID toggle) we will end up with a double free. We unconditionally\nfree the request in the calling function when \u0027zfcp_fsf_req_send()\u0027 fails,\nbut because the request is still in the hash table we end up with a stale\nmemory reference, and once the zfcp adapter is either reset during recovery\nor shutdown we end up freeing the same memory twice.\n\nThe resulting stack traces vary depending on the kernel and have no direct\ncorrelation to the place where the bug occurs. Here are three examples that\nhave been seen in practice:\n\n list_del corruption. next-\u003eprev should be 00000001b9d13800, but was 00000000dead4ead. (next=00000001bd131a00)\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:62!\n monitor event: 0040 ilc:2 [#1] PREEMPT SMP\n Modules linked in: ...\n CPU: 9 PID: 1617 Comm: zfcperp0.0.1740 Kdump: loaded\n Hardware name: ...\n Krnl PSW : 0704d00180000000 00000003cbeea1f8 (__list_del_entry_valid+0x98/0x140)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:1 PM:0 RI:0 EA:3\n Krnl GPRS: 00000000916d12f1 0000000080000000 000000000000006d 00000003cb665cd6\n 0000000000000001 0000000000000000 0000000000000000 00000000d28d21e8\n 00000000d3844000 00000380099efd28 00000001bd131a00 00000001b9d13800\n 00000000d3290100 0000000000000000 00000003cbeea1f4 00000380099efc70\n Krnl Code: 00000003cbeea1e8: c020004f68a7 larl %r2,00000003cc8d7336\n 00000003cbeea1ee: c0e50027fd65 brasl %r14,00000003cc3e9cb8\n #00000003cbeea1f4: af000000 mc 0,0\n \u003e00000003cbeea1f8: c02000920440 larl %r2,00000003cd12aa78\n 00000003cbeea1fe: c0e500289c25 brasl %r14,00000003cc3fda48\n 00000003cbeea204: b9040043 lgr %r4,%r3\n 00000003cbeea208: b9040051 lgr %r5,%r1\n 00000003cbeea20c: b9040032 lgr %r3,%r2\n Call Trace:\n [\u003c00000003cbeea1f8\u003e] __list_del_entry_valid+0x98/0x140\n ([\u003c00000003cbeea1f4\u003e] __list_del_entry_valid+0x94/0x140)\n [\u003c000003ff7ff502fe\u003e] zfcp_fsf_req_dismiss_all+0xde/0x150 [zfcp]\n [\u003c000003ff7ff49cd0\u003e] zfcp_erp_strategy_do_action+0x160/0x280 [zfcp]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49789",
"url": "https://www.suse.com/security/cve/CVE-2022-49789"
},
{
"category": "external",
"summary": "SUSE Bug 1242366 for CVE-2022-49789",
"url": "https://bugzilla.suse.com/1242366"
},
{
"category": "external",
"summary": "SUSE Bug 1242376 for CVE-2022-49789",
"url": "https://bugzilla.suse.com/1242376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "important"
}
],
"title": "CVE-2022-49789"
},
{
"cve": "CVE-2022-49813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix error handling in ena_init()\n\nThe ena_init() won\u0027t destroy workqueue created by\ncreate_singlethread_workqueue() when pci_register_driver() failed.\nCall destroy_workqueue() when pci_register_driver() failed to prevent the\nresource leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49813",
"url": "https://www.suse.com/security/cve/CVE-2022-49813"
},
{
"category": "external",
"summary": "SUSE Bug 1242497 for CVE-2022-49813",
"url": "https://bugzilla.suse.com/1242497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49813"
},
{
"cve": "CVE-2022-49818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49818"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix misuse of put_device() in mISDN_register_device()\n\nWe should not release reference by put_device() before calling device_initialize().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49818",
"url": "https://www.suse.com/security/cve/CVE-2022-49818"
},
{
"category": "external",
"summary": "SUSE Bug 1242527 for CVE-2022-49818",
"url": "https://bugzilla.suse.com/1242527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49818"
},
{
"cve": "CVE-2022-49821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible memory leak in mISDN_dsp_element_register()\n\nAfer commit 1fa5ae857bb1 (\"driver core: get rid of struct device\u0027s\nbus_id string array\"), the name of device is allocated dynamically,\nuse put_device() to give up the reference, so that the name can be\nfreed in kobject_cleanup() when the refcount is 0.\n\nThe \u0027entry\u0027 is going to be freed in mISDN_dsp_dev_release(), so the\nkfree() is removed. list_del() is called in mISDN_dsp_dev_release(),\nso it need be initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49821",
"url": "https://www.suse.com/security/cve/CVE-2022-49821"
},
{
"category": "external",
"summary": "SUSE Bug 1242542 for CVE-2022-49821",
"url": "https://bugzilla.suse.com/1242542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49821"
},
{
"cve": "CVE-2022-49822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix connections leak when tlink setup failed\n\nIf the tlink setup failed, lost to put the connections, then\nthe module refcnt leak since the cifsd kthread not exit.\n\nAlso leak the fscache info, and for next mount with fsc, it will\nprint the follow errors:\n CIFS: Cache volume key already in use (cifs,127.0.0.1:445,TEST)\n\nLet\u0027s check the result of tlink setup, and do some cleanup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49822",
"url": "https://www.suse.com/security/cve/CVE-2022-49822"
},
{
"category": "external",
"summary": "SUSE Bug 1242544 for CVE-2022-49822",
"url": "https://bugzilla.suse.com/1242544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "low"
}
],
"title": "CVE-2022-49822"
},
{
"cve": "CVE-2022-49826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-transport: fix double ata_host_put() in ata_tport_add()\n\nIn the error path in ata_tport_add(), when calling put_device(),\nata_tport_release() is called, it will put the refcount of \u0027ap-\u003ehost\u0027.\n\nAnd then ata_host_put() is called again, the refcount is decreased\nto 0, ata_host_release() is called, all ports are freed and set to\nnull.\n\nWhen unbinding the device after failure, ata_host_stop() is called\nto release the resources, it leads a null-ptr-deref(), because all\nthe ports all freed and null.\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000008\nCPU: 7 PID: 18671 Comm: modprobe Kdump: loaded Tainted: G E 6.1.0-rc3+ #8\npstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : ata_host_stop+0x3c/0x84 [libata]\nlr : release_nodes+0x64/0xd0\nCall trace:\n ata_host_stop+0x3c/0x84 [libata]\n release_nodes+0x64/0xd0\n devres_release_all+0xbc/0x1b0\n device_unbind_cleanup+0x20/0x70\n really_probe+0x158/0x320\n __driver_probe_device+0x84/0x120\n driver_probe_device+0x44/0x120\n __driver_attach+0xb4/0x220\n bus_for_each_dev+0x78/0xdc\n driver_attach+0x2c/0x40\n bus_add_driver+0x184/0x240\n driver_register+0x80/0x13c\n __pci_register_driver+0x4c/0x60\n ahci_pci_driver_init+0x30/0x1000 [ahci]\n\nFix this by removing redundant ata_host_put() in the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49826",
"url": "https://www.suse.com/security/cve/CVE-2022-49826"
},
{
"category": "external",
"summary": "SUSE Bug 1242549 for CVE-2022-49826",
"url": "https://bugzilla.suse.com/1242549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49826"
},
{
"cve": "CVE-2022-49829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/scheduler: fix fence ref counting\n\nWe leaked dependency fences when processes were beeing killed.\n\nAdditional to that grab a reference to the last scheduled fence.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49829",
"url": "https://www.suse.com/security/cve/CVE-2022-49829"
},
{
"category": "external",
"summary": "SUSE Bug 1242691 for CVE-2022-49829",
"url": "https://bugzilla.suse.com/1242691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49829"
},
{
"cve": "CVE-2022-49832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map\n\nHere is the BUG report by KASAN about null pointer dereference:\n\nBUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50\nRead of size 1 at addr 0000000000000000 by task python3/2640\nCall Trace:\n strcmp\n __of_find_property\n of_find_property\n pinctrl_dt_to_map\n\nkasprintf() would return NULL pointer when kmalloc() fail to allocate.\nSo directly return ENOMEM, if kasprintf() return NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49832",
"url": "https://www.suse.com/security/cve/CVE-2022-49832"
},
{
"category": "external",
"summary": "SUSE Bug 1242154 for CVE-2022-49832",
"url": "https://bugzilla.suse.com/1242154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49832"
},
{
"cve": "CVE-2022-49835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: fix potential memleak in \u0027add_widget_node\u0027\n\nAs \u0027kobject_add\u0027 may allocated memory for \u0027kobject-\u003ename\u0027 when return error.\nAnd in this function, if call \u0027kobject_add\u0027 failed didn\u0027t free kobject.\nSo call \u0027kobject_put\u0027 to recycling resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49835",
"url": "https://www.suse.com/security/cve/CVE-2022-49835"
},
{
"category": "external",
"summary": "SUSE Bug 1242385 for CVE-2022-49835",
"url": "https://bugzilla.suse.com/1242385"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49835"
},
{
"cve": "CVE-2022-49840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()\n\nWe got a syzkaller problem because of aarch64 alignment fault\nif KFENCE enabled. When the size from user bpf program is an odd\nnumber, like 399, 407, etc, it will cause the struct skb_shared_info\u0027s\nunaligned access. As seen below:\n\n BUG: KFENCE: use-after-free read in __skb_clone+0x23c/0x2a0 net/core/skbuff.c:1032\n\n Use-after-free read at 0xffff6254fffac077 (in kfence-#213):\n __lse_atomic_add arch/arm64/include/asm/atomic_lse.h:26 [inline]\n arch_atomic_add arch/arm64/include/asm/atomic.h:28 [inline]\n arch_atomic_inc include/linux/atomic-arch-fallback.h:270 [inline]\n atomic_inc include/asm-generic/atomic-instrumented.h:241 [inline]\n __skb_clone+0x23c/0x2a0 net/core/skbuff.c:1032\n skb_clone+0xf4/0x214 net/core/skbuff.c:1481\n ____bpf_clone_redirect net/core/filter.c:2433 [inline]\n bpf_clone_redirect+0x78/0x1c0 net/core/filter.c:2420\n bpf_prog_d3839dd9068ceb51+0x80/0x330\n bpf_dispatcher_nop_func include/linux/bpf.h:728 [inline]\n bpf_test_run+0x3c0/0x6c0 net/bpf/test_run.c:53\n bpf_prog_test_run_skb+0x638/0xa7c net/bpf/test_run.c:594\n bpf_prog_test_run kernel/bpf/syscall.c:3148 [inline]\n __do_sys_bpf kernel/bpf/syscall.c:4441 [inline]\n __se_sys_bpf+0xad0/0x1634 kernel/bpf/syscall.c:4381\n\n kfence-#213: 0xffff6254fffac000-0xffff6254fffac196, size=407, cache=kmalloc-512\n\n allocated by task 15074 on cpu 0 at 1342.585390s:\n kmalloc include/linux/slab.h:568 [inline]\n kzalloc include/linux/slab.h:675 [inline]\n bpf_test_init.isra.0+0xac/0x290 net/bpf/test_run.c:191\n bpf_prog_test_run_skb+0x11c/0xa7c net/bpf/test_run.c:512\n bpf_prog_test_run kernel/bpf/syscall.c:3148 [inline]\n __do_sys_bpf kernel/bpf/syscall.c:4441 [inline]\n __se_sys_bpf+0xad0/0x1634 kernel/bpf/syscall.c:4381\n __arm64_sys_bpf+0x50/0x60 kernel/bpf/syscall.c:4381\n\nTo fix the problem, we adjust @size so that (@size + @hearoom) is a\nmultiple of SMP_CACHE_BYTES. So we make sure the struct skb_shared_info\nis aligned to a cache line.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49840",
"url": "https://www.suse.com/security/cve/CVE-2022-49840"
},
{
"category": "external",
"summary": "SUSE Bug 1242447 for CVE-2022-49840",
"url": "https://bugzilla.suse.com/1242447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49840"
},
{
"cve": "CVE-2022-49842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: core: Fix use-after-free in snd_soc_exit()\n\nKASAN reports a use-after-free:\n\nBUG: KASAN: use-after-free in device_del+0xb5b/0xc60\nRead of size 8 at addr ffff888008655050 by task rmmod/387\nCPU: 2 PID: 387 Comm: rmmod\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x79/0x9a\nprint_report+0x17f/0x47b\nkasan_report+0xbb/0xf0\ndevice_del+0xb5b/0xc60\nplatform_device_del.part.0+0x24/0x200\nplatform_device_unregister+0x2e/0x40\nsnd_soc_exit+0xa/0x22 [snd_soc_core]\n__do_sys_delete_module.constprop.0+0x34f/0x5b0\ndo_syscall_64+0x3a/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n...\n\u003c/TASK\u003e\n\nIt\u0027s bacause in snd_soc_init(), snd_soc_util_init() is possble to fail,\nbut its ret is ignored, which makes soc_dummy_dev unregistered twice.\n\nsnd_soc_init()\n snd_soc_util_init()\n platform_device_register_simple(soc_dummy_dev)\n platform_driver_register() # fail\n \tplatform_device_unregister(soc_dummy_dev)\n platform_driver_register() # success\n...\nsnd_soc_exit()\n snd_soc_util_exit()\n # soc_dummy_dev will be unregistered for second time\n\nTo fix it, handle error and stop snd_soc_init() when util_init() fail.\nAlso clean debugfs when util_init() or driver_register() fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49842",
"url": "https://www.suse.com/security/cve/CVE-2022-49842"
},
{
"category": "external",
"summary": "SUSE Bug 1242484 for CVE-2022-49842",
"url": "https://bugzilla.suse.com/1242484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49842"
},
{
"cve": "CVE-2022-49846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix a slab-out-of-bounds write bug in udf_find_entry()\n\nSyzbot reported a slab-out-of-bounds Write bug:\n\nloop0: detected capacity change from 0 to 2048\n==================================================================\nBUG: KASAN: slab-out-of-bounds in udf_find_entry+0x8a5/0x14f0\nfs/udf/namei.c:253\nWrite of size 105 at addr ffff8880123ff896 by task syz-executor323/3610\n\nCPU: 0 PID: 3610 Comm: syz-executor323 Not tainted\n6.1.0-rc2-syzkaller-00105-gb229b6ca5abb #0\nHardware name: Google Compute Engine/Google Compute Engine, BIOS\nGoogle 10/11/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n print_address_description+0x74/0x340 mm/kasan/report.c:284\n print_report+0x107/0x1f0 mm/kasan/report.c:395\n kasan_report+0xcd/0x100 mm/kasan/report.c:495\n kasan_check_range+0x2a7/0x2e0 mm/kasan/generic.c:189\n memcpy+0x3c/0x60 mm/kasan/shadow.c:66\n udf_find_entry+0x8a5/0x14f0 fs/udf/namei.c:253\n udf_lookup+0xef/0x340 fs/udf/namei.c:309\n lookup_open fs/namei.c:3391 [inline]\n open_last_lookups fs/namei.c:3481 [inline]\n path_openat+0x10e6/0x2df0 fs/namei.c:3710\n do_filp_open+0x264/0x4f0 fs/namei.c:3740\n do_sys_openat2+0x124/0x4e0 fs/open.c:1310\n do_sys_open fs/open.c:1326 [inline]\n __do_sys_creat fs/open.c:1402 [inline]\n __se_sys_creat fs/open.c:1396 [inline]\n __x64_sys_creat+0x11f/0x160 fs/open.c:1396\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7ffab0d164d9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89\nf7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01\nf0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffe1a7e6bb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffab0d164d9\nRDX: 00007ffab0d164d9 RSI: 0000000000000000 RDI: 0000000020000180\nRBP: 00007ffab0cd5a10 R08: 0000000000000000 R09: 0000000000000000\nR10: 00005555573552c0 R11: 0000000000000246 R12: 00007ffab0cd5aa0\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nAllocated by task 3610:\n kasan_save_stack mm/kasan/common.c:45 [inline]\n kasan_set_track+0x3d/0x60 mm/kasan/common.c:52\n ____kasan_kmalloc mm/kasan/common.c:371 [inline]\n __kasan_kmalloc+0x97/0xb0 mm/kasan/common.c:380\n kmalloc include/linux/slab.h:576 [inline]\n udf_find_entry+0x7b6/0x14f0 fs/udf/namei.c:243\n udf_lookup+0xef/0x340 fs/udf/namei.c:309\n lookup_open fs/namei.c:3391 [inline]\n open_last_lookups fs/namei.c:3481 [inline]\n path_openat+0x10e6/0x2df0 fs/namei.c:3710\n do_filp_open+0x264/0x4f0 fs/namei.c:3740\n do_sys_openat2+0x124/0x4e0 fs/open.c:1310\n do_sys_open fs/open.c:1326 [inline]\n __do_sys_creat fs/open.c:1402 [inline]\n __se_sys_creat fs/open.c:1396 [inline]\n __x64_sys_creat+0x11f/0x160 fs/open.c:1396\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe buggy address belongs to the object at ffff8880123ff800\n which belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 150 bytes inside of\n 256-byte region [ffff8880123ff800, ffff8880123ff900)\n\nThe buggy address belongs to the physical page:\npage:ffffea000048ff80 refcount:1 mapcount:0 mapping:0000000000000000\nindex:0x0 pfn:0x123fe\nhead:ffffea000048ff80 order:1 compound_mapcount:0 compound_pincount:0\nflags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000010200 ffffea00004b8500 dead000000000003 ffff888012041b40\nraw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as allocated\npage last allocated via order 0, migratetype Unmovable, gfp_mask 0x0(),\npid 1, tgid 1 (swapper/0), ts 1841222404, free_ts 0\n create_dummy_stack mm/page_owner.c:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49846",
"url": "https://www.suse.com/security/cve/CVE-2022-49846"
},
{
"category": "external",
"summary": "SUSE Bug 1242716 for CVE-2022-49846",
"url": "https://bugzilla.suse.com/1242716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49846"
},
{
"cve": "CVE-2022-49853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macvlan: fix memory leaks of macvlan_common_newlink\n\nkmemleak reports memory leaks in macvlan_common_newlink, as follows:\n\n ip link add link eth0 name .. type macvlan mode source macaddr add\n \u003cMAC-ADDR\u003e\n\nkmemleak reports:\n\nunreferenced object 0xffff8880109bb140 (size 64):\n comm \"ip\", pid 284, jiffies 4294986150 (age 430.108s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 b8 aa 5a 12 80 88 ff ff ..........Z.....\n 80 1b fa 0d 80 88 ff ff 1e ff ac af c7 c1 6b 6b ..............kk\n backtrace:\n [\u003cffffffff813e06a7\u003e] kmem_cache_alloc_trace+0x1c7/0x300\n [\u003cffffffff81b66025\u003e] macvlan_hash_add_source+0x45/0xc0\n [\u003cffffffff81b66a67\u003e] macvlan_changelink_sources+0xd7/0x170\n [\u003cffffffff81b6775c\u003e] macvlan_common_newlink+0x38c/0x5a0\n [\u003cffffffff81b6797e\u003e] macvlan_newlink+0xe/0x20\n [\u003cffffffff81d97f8f\u003e] __rtnl_newlink+0x7af/0xa50\n [\u003cffffffff81d98278\u003e] rtnl_newlink+0x48/0x70\n ...\n\nIn the scenario where the macvlan mode is configured as \u0027source\u0027,\nmacvlan_changelink_sources() will be execured to reconfigure list of\nremote source mac addresses, at the same time, if register_netdevice()\nreturn an error, the resource generated by macvlan_changelink_sources()\nis not cleaned up.\n\nUsing this patch, in the case of an error, it will execute\nmacvlan_flush_sources() to ensure that the resource is cleaned up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49853",
"url": "https://www.suse.com/security/cve/CVE-2022-49853"
},
{
"category": "external",
"summary": "SUSE Bug 1242688 for CVE-2022-49853",
"url": "https://bugzilla.suse.com/1242688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49853"
},
{
"cve": "CVE-2022-49861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()\n\nA clk_prepare_enable() call in the probe is not balanced by a corresponding\nclk_disable_unprepare() in the remove function.\n\nAdd the missing call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49861",
"url": "https://www.suse.com/security/cve/CVE-2022-49861"
},
{
"category": "external",
"summary": "SUSE Bug 1242580 for CVE-2022-49861",
"url": "https://bugzilla.suse.com/1242580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49861"
},
{
"cve": "CVE-2022-49862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix the msg-\u003ereq tlv len check in tipc_nl_compat_name_table_dump_header\n\nThis is a follow-up for commit 974cb0e3e7c9 (\"tipc: fix uninit-value\nin tipc_nl_compat_name_table_dump\") where it should have type casted\nsizeof(..) to int to work when TLV_GET_DATA_LEN() returns a negative\nvalue.\n\nsyzbot reported a call trace because of it:\n\n BUG: KMSAN: uninit-value in ...\n tipc_nl_compat_name_table_dump+0x841/0xea0 net/tipc/netlink_compat.c:934\n __tipc_nl_compat_dumpit+0xab2/0x1320 net/tipc/netlink_compat.c:238\n tipc_nl_compat_dumpit+0x991/0xb50 net/tipc/netlink_compat.c:321\n tipc_nl_compat_recv+0xb6e/0x1640 net/tipc/netlink_compat.c:1324\n genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:775 [inline]\n genl_rcv_msg+0x103f/0x1260 net/netlink/genetlink.c:792\n netlink_rcv_skb+0x3a5/0x6c0 net/netlink/af_netlink.c:2501\n genl_rcv+0x3c/0x50 net/netlink/genetlink.c:803\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0xf3b/0x1270 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x1288/0x1440 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg net/socket.c:734 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49862",
"url": "https://www.suse.com/security/cve/CVE-2022-49862"
},
{
"category": "external",
"summary": "SUSE Bug 1242755 for CVE-2022-49862",
"url": "https://bugzilla.suse.com/1242755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49862"
},
{
"cve": "CVE-2022-49865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network\n\nWhen copying a `struct ifaddrlblmsg` to the network, __ifal_reserved\nremained uninitialized, resulting in a 1-byte infoleak:\n\n BUG: KMSAN: kernel-network-infoleak in __netdev_start_xmit ./include/linux/netdevice.h:4841\n __netdev_start_xmit ./include/linux/netdevice.h:4841\n netdev_start_xmit ./include/linux/netdevice.h:4857\n xmit_one net/core/dev.c:3590\n dev_hard_start_xmit+0x1dc/0x800 net/core/dev.c:3606\n __dev_queue_xmit+0x17e8/0x4350 net/core/dev.c:4256\n dev_queue_xmit ./include/linux/netdevice.h:3009\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:307\n __netlink_deliver_tap+0x728/0xad0 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338\n __netlink_sendskb net/netlink/af_netlink.c:1263\n netlink_sendskb+0x1d9/0x200 net/netlink/af_netlink.c:1272\n netlink_unicast+0x56d/0xf50 net/netlink/af_netlink.c:1360\n nlmsg_unicast ./include/net/netlink.h:1061\n rtnl_unicast+0x5a/0x80 net/core/rtnetlink.c:758\n ip6addrlbl_get+0xfad/0x10f0 net/ipv6/addrlabel.c:628\n rtnetlink_rcv_msg+0xb33/0x1570 net/core/rtnetlink.c:6082\n ...\n Uninit was created at:\n slab_post_alloc_hook+0x118/0xb00 mm/slab.h:742\n slab_alloc_node mm/slub.c:3398\n __kmem_cache_alloc_node+0x4f2/0x930 mm/slub.c:3437\n __do_kmalloc_node mm/slab_common.c:954\n __kmalloc_node_track_caller+0x117/0x3d0 mm/slab_common.c:975\n kmalloc_reserve net/core/skbuff.c:437\n __alloc_skb+0x27a/0xab0 net/core/skbuff.c:509\n alloc_skb ./include/linux/skbuff.h:1267\n nlmsg_new ./include/net/netlink.h:964\n ip6addrlbl_get+0x490/0x10f0 net/ipv6/addrlabel.c:608\n rtnetlink_rcv_msg+0xb33/0x1570 net/core/rtnetlink.c:6082\n netlink_rcv_skb+0x299/0x550 net/netlink/af_netlink.c:2540\n rtnetlink_rcv+0x26/0x30 net/core/rtnetlink.c:6109\n netlink_unicast_kernel net/netlink/af_netlink.c:1319\n netlink_unicast+0x9ab/0xf50 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0xebc/0x10f0 net/netlink/af_netlink.c:1921\n ...\n\nThis patch ensures that the reserved field is always initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49865",
"url": "https://www.suse.com/security/cve/CVE-2022-49865"
},
{
"category": "external",
"summary": "SUSE Bug 1242570 for CVE-2022-49865",
"url": "https://bugzilla.suse.com/1242570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49865"
},
{
"cve": "CVE-2022-49871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tun: Fix memory leaks of napi_get_frags\n\nkmemleak reports after running test_progs:\n\nunreferenced object 0xffff8881b1672dc0 (size 232):\n comm \"test_progs\", pid 394388, jiffies 4354712116 (age 841.975s)\n hex dump (first 32 bytes):\n e0 84 d7 a8 81 88 ff ff 80 2c 67 b1 81 88 ff ff .........,g.....\n 00 40 c5 9b 81 88 ff ff 00 00 00 00 00 00 00 00 .@..............\n backtrace:\n [\u003c00000000c8f01748\u003e] napi_skb_cache_get+0xd4/0x150\n [\u003c0000000041c7fc09\u003e] __napi_build_skb+0x15/0x50\n [\u003c00000000431c7079\u003e] __napi_alloc_skb+0x26e/0x540\n [\u003c000000003ecfa30e\u003e] napi_get_frags+0x59/0x140\n [\u003c0000000099b2199e\u003e] tun_get_user+0x183d/0x3bb0 [tun]\n [\u003c000000008a5adef0\u003e] tun_chr_write_iter+0xc0/0x1b1 [tun]\n [\u003c0000000049993ff4\u003e] do_iter_readv_writev+0x19f/0x320\n [\u003c000000008f338ea2\u003e] do_iter_write+0x135/0x630\n [\u003c000000008a3377a4\u003e] vfs_writev+0x12e/0x440\n [\u003c00000000a6b5639a\u003e] do_writev+0x104/0x280\n [\u003c00000000ccf065d8\u003e] do_syscall_64+0x3b/0x90\n [\u003c00000000d776e329\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe issue occurs in the following scenarios:\ntun_get_user()\n napi_gro_frags()\n napi_frags_finish()\n case GRO_NORMAL:\n gro_normal_one()\n list_add_tail(\u0026skb-\u003elist, \u0026napi-\u003erx_list);\n \u003c-- While napi-\u003erx_count \u003c READ_ONCE(gro_normal_batch),\n \u003c-- gro_normal_list() is not called, napi-\u003erx_list is not empty\n \u003c-- not ask to complete the gro work, will cause memory leaks in\n \u003c-- following tun_napi_del()\n...\ntun_napi_del()\n netif_napi_del()\n __netif_napi_del()\n \u003c-- \u0026napi-\u003erx_list is not empty, which caused memory leaks\n\nTo fix, add napi_complete() after napi_gro_frags().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49871",
"url": "https://www.suse.com/security/cve/CVE-2022-49871"
},
{
"category": "external",
"summary": "SUSE Bug 1242558 for CVE-2022-49871",
"url": "https://bugzilla.suse.com/1242558"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49871"
},
{
"cve": "CVE-2022-49872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49872"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix panic on frag_list with mixed head alloc types\n\nSince commit 3dcbdb134f32 (\"net: gso: Fix skb_segment splat when\nsplitting gso_size mangled skb having linear-headed frag_list\"), it is\nallowed to change gso_size of a GRO packet. However, that commit assumes\nthat \"checking the first list_skb member suffices; i.e if either of the\nlist_skb members have non head_frag head, then the first one has too\".\n\nIt turns out this assumption does not hold. We\u0027ve seen BUG_ON being hit\nin skb_segment when skbs on the frag_list had differing head_frag with\nthe vmxnet3 driver. This happens because __netdev_alloc_skb and\n__napi_alloc_skb can return a skb that is page backed or kmalloced\ndepending on the requested size. As the result, the last small skb in\nthe GRO packet can be kmalloced.\n\nThere are three different locations where this can be fixed:\n\n(1) We could check head_frag in GRO and not allow GROing skbs with\n different head_frag. However, that would lead to performance\n regression on normal forward paths with unmodified gso_size, where\n !head_frag in the last packet is not a problem.\n\n(2) Set a flag in bpf_skb_net_grow and bpf_skb_net_shrink indicating\n that NETIF_F_SG is undesirable. That would need to eat a bit in\n sk_buff. Furthermore, that flag can be unset when all skbs on the\n frag_list are page backed. To retain good performance,\n bpf_skb_net_grow/shrink would have to walk the frag_list.\n\n(3) Walk the frag_list in skb_segment when determining whether\n NETIF_F_SG should be cleared. This of course slows things down.\n\nThis patch implements (3). To limit the performance impact in\nskb_segment, the list is walked only for skbs with SKB_GSO_DODGY set\nthat have gso_size changed. Normal paths thus will not hit it.\n\nWe could check only the last skb but since we need to walk the whole\nlist anyway, let\u0027s stay on the safe side.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49872",
"url": "https://www.suse.com/security/cve/CVE-2022-49872"
},
{
"category": "external",
"summary": "SUSE Bug 1242594 for CVE-2022-49872",
"url": "https://bugzilla.suse.com/1242594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49872"
},
{
"cve": "CVE-2022-49874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hyperv: fix possible memory leak in mousevsc_probe()\n\nIf hid_add_device() returns error, it should call hid_destroy_device()\nto free hid_dev which is allocated in hid_allocate_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49874",
"url": "https://www.suse.com/security/cve/CVE-2022-49874"
},
{
"category": "external",
"summary": "SUSE Bug 1242478 for CVE-2022-49874",
"url": "https://bugzilla.suse.com/1242478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49874"
},
{
"cve": "CVE-2022-49877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix the sk-\u003esk_forward_alloc warning of sk_stream_kill_queues\n\nWhen running `test_sockmap` selftests, the following warning appears:\n\n WARNING: CPU: 2 PID: 197 at net/core/stream.c:205 sk_stream_kill_queues+0xd3/0xf0\n Call Trace:\n \u003cTASK\u003e\n inet_csk_destroy_sock+0x55/0x110\n tcp_rcv_state_process+0xd28/0x1380\n ? tcp_v4_do_rcv+0x77/0x2c0\n tcp_v4_do_rcv+0x77/0x2c0\n __release_sock+0x106/0x130\n __tcp_close+0x1a7/0x4e0\n tcp_close+0x20/0x70\n inet_release+0x3c/0x80\n __sock_release+0x3a/0xb0\n sock_close+0x14/0x20\n __fput+0xa3/0x260\n task_work_run+0x59/0xb0\n exit_to_user_mode_prepare+0x1b3/0x1c0\n syscall_exit_to_user_mode+0x19/0x50\n do_syscall_64+0x48/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe root case is in commit 84472b436e76 (\"bpf, sockmap: Fix more uncharged\nwhile msg has more_data\"), where I used msg-\u003esg.size to replace the tosend,\ncausing breakage:\n\n if (msg-\u003eapply_bytes \u0026\u0026 msg-\u003eapply_bytes \u003c tosend)\n tosend = psock-\u003eapply_bytes;",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49877",
"url": "https://www.suse.com/security/cve/CVE-2022-49877"
},
{
"category": "external",
"summary": "SUSE Bug 1242483 for CVE-2022-49877",
"url": "https://bugzilla.suse.com/1242483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49877"
},
{
"cve": "CVE-2022-49880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix warning in \u0027ext4_da_release_space\u0027\n\nSyzkaller report issue as follows:\nEXT4-fs (loop0): Free/Dirty block details\nEXT4-fs (loop0): free_blocks=0\nEXT4-fs (loop0): dirty_blocks=0\nEXT4-fs (loop0): Block reservation details\nEXT4-fs (loop0): i_reserved_data_blocks=0\nEXT4-fs warning (device loop0): ext4_da_release_space:1527: ext4_da_release_space: ino 18, to_free 1 with only 0 reserved data blocks\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 92 at fs/ext4/inode.c:1528 ext4_da_release_space+0x25e/0x370 fs/ext4/inode.c:1524\nModules linked in:\nCPU: 0 PID: 92 Comm: kworker/u4:4 Not tainted 6.0.0-syzkaller-09423-g493ffd6605b2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022\nWorkqueue: writeback wb_workfn (flush-7:0)\nRIP: 0010:ext4_da_release_space+0x25e/0x370 fs/ext4/inode.c:1528\nRSP: 0018:ffffc900015f6c90 EFLAGS: 00010296\nRAX: 42215896cd52ea00 RBX: 0000000000000000 RCX: 42215896cd52ea00\nRDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000\nRBP: 1ffff1100e907d96 R08: ffffffff816aa79d R09: fffff520002bece5\nR10: fffff520002bece5 R11: 1ffff920002bece4 R12: ffff888021fd2000\nR13: ffff88807483ecb0 R14: 0000000000000001 R15: ffff88807483e740\nFS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555569ba628 CR3: 000000000c88e000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ext4_es_remove_extent+0x1ab/0x260 fs/ext4/extents_status.c:1461\n mpage_release_unused_pages+0x24d/0xef0 fs/ext4/inode.c:1589\n ext4_writepages+0x12eb/0x3be0 fs/ext4/inode.c:2852\n do_writepages+0x3c3/0x680 mm/page-writeback.c:2469\n __writeback_single_inode+0xd1/0x670 fs/fs-writeback.c:1587\n writeback_sb_inodes+0xb3b/0x18f0 fs/fs-writeback.c:1870\n wb_writeback+0x41f/0x7b0 fs/fs-writeback.c:2044\n wb_do_writeback fs/fs-writeback.c:2187 [inline]\n wb_workfn+0x3cb/0xef0 fs/fs-writeback.c:2227\n process_one_work+0x877/0xdb0 kernel/workqueue.c:2289\n worker_thread+0xb14/0x1330 kernel/workqueue.c:2436\n kthread+0x266/0x300 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n \u003c/TASK\u003e\n\nAbove issue may happens as follows:\next4_da_write_begin\n ext4_create_inline_data\n ext4_clear_inode_flag(inode, EXT4_INODE_EXTENTS);\n ext4_set_inode_flag(inode, EXT4_INODE_INLINE_DATA);\n__ext4_ioctl\n ext4_ext_migrate -\u003e will lead to eh-\u003eeh_entries not zero, and set extent flag\next4_da_write_begin\n ext4_da_convert_inline_data_to_extent\n ext4_da_write_inline_data_begin\n ext4_da_map_blocks\n ext4_insert_delayed_block\n\t if (!ext4_es_scan_clu(inode, \u0026ext4_es_is_delonly, lblk))\n\t if (!ext4_es_scan_clu(inode, \u0026ext4_es_is_mapped, lblk))\n\t ext4_clu_mapped(inode, EXT4_B2C(sbi, lblk)); -\u003e will return 1\n\t allocated = true;\n ext4_es_insert_delayed_block(inode, lblk, allocated);\next4_writepages\n mpage_map_and_submit_extent(handle, \u0026mpd, \u0026give_up_on_write); -\u003e return -ENOSPC\n mpage_release_unused_pages(\u0026mpd, give_up_on_write); -\u003e give_up_on_write == 1\n ext4_es_remove_extent\n ext4_da_release_space(inode, reserved);\n if (unlikely(to_free \u003e ei-\u003ei_reserved_data_blocks))\n\t -\u003e to_free == 1 but ei-\u003ei_reserved_data_blocks == 0\n\t -\u003e then trigger warning as above\n\nTo solve above issue, forbid inode do migrate which has inline data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49880",
"url": "https://www.suse.com/security/cve/CVE-2022-49880"
},
{
"category": "external",
"summary": "SUSE Bug 1242734 for CVE-2022-49880",
"url": "https://bugzilla.suse.com/1242734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49880"
},
{
"cve": "CVE-2022-49889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()\n\nOn some machines the number of listed CPUs may be bigger than the actual\nCPUs that exist. The tracing subsystem allocates a per_cpu directory with\naccess to the per CPU ring buffer via a cpuX file. But to save space, the\nring buffer will only allocate buffers for online CPUs, even though the\nCPU array will be as big as the nr_cpu_ids.\n\nWith the addition of waking waiters on the ring buffer when closing the\nfile, the ring_buffer_wake_waiters() now needs to make sure that the\nbuffer is allocated (with the irq_work allocated with it) before trying to\nwake waiters, as it will cause a NULL pointer dereference.\n\nWhile debugging this, I added a NULL check for the buffer itself (which is\nOK to do), and also NULL pointer checks against buffer-\u003ebuffers (which is\nnot fine, and will WARN) as well as making sure the CPU number passed in\nis within the nr_cpu_ids (which is also not fine if it isn\u0027t).\n\n\nBugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=1204705",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49889",
"url": "https://www.suse.com/security/cve/CVE-2022-49889"
},
{
"category": "external",
"summary": "SUSE Bug 1242455 for CVE-2022-49889",
"url": "https://bugzilla.suse.com/1242455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49889"
},
{
"cve": "CVE-2022-49892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix use-after-free for dynamic ftrace_ops\n\nKASAN reported a use-after-free with ftrace ops [1]. It was found from\nvmcore that perf had registered two ops with the same content\nsuccessively, both dynamic. After unregistering the second ops, a\nuse-after-free occurred.\n\nIn ftrace_shutdown(), when the second ops is unregistered, the\nFTRACE_UPDATE_CALLS command is not set because there is another enabled\nops with the same content. Also, both ops are dynamic and the ftrace\ncallback function is ftrace_ops_list_func, so the\nFTRACE_UPDATE_TRACE_FUNC command will not be set. Eventually the value\nof \u0027command\u0027 will be 0 and ftrace_shutdown() will skip the rcu\nsynchronization.\n\nHowever, ftrace may be activated. When the ops is released, another CPU\nmay be accessing the ops. Add the missing synchronization to fix this\nproblem.\n\n[1]\nBUG: KASAN: use-after-free in __ftrace_ops_list_func kernel/trace/ftrace.c:7020 [inline]\nBUG: KASAN: use-after-free in ftrace_ops_list_func+0x2b0/0x31c kernel/trace/ftrace.c:7049\nRead of size 8 at addr ffff56551965bbc8 by task syz-executor.2/14468\n\nCPU: 1 PID: 14468 Comm: syz-executor.2 Not tainted 5.10.0 #7\nHardware name: linux,dummy-virt (DT)\nCall trace:\n dump_backtrace+0x0/0x40c arch/arm64/kernel/stacktrace.c:132\n show_stack+0x30/0x40 arch/arm64/kernel/stacktrace.c:196\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x1b4/0x248 lib/dump_stack.c:118\n print_address_description.constprop.0+0x28/0x48c mm/kasan/report.c:387\n __kasan_report mm/kasan/report.c:547 [inline]\n kasan_report+0x118/0x210 mm/kasan/report.c:564\n check_memory_region_inline mm/kasan/generic.c:187 [inline]\n __asan_load8+0x98/0xc0 mm/kasan/generic.c:253\n __ftrace_ops_list_func kernel/trace/ftrace.c:7020 [inline]\n ftrace_ops_list_func+0x2b0/0x31c kernel/trace/ftrace.c:7049\n ftrace_graph_call+0x0/0x4\n __might_sleep+0x8/0x100 include/linux/perf_event.h:1170\n __might_fault mm/memory.c:5183 [inline]\n __might_fault+0x58/0x70 mm/memory.c:5171\n do_strncpy_from_user lib/strncpy_from_user.c:41 [inline]\n strncpy_from_user+0x1f4/0x4b0 lib/strncpy_from_user.c:139\n getname_flags+0xb0/0x31c fs/namei.c:149\n getname+0x2c/0x40 fs/namei.c:209\n [...]\n\nAllocated by task 14445:\n kasan_save_stack+0x24/0x50 mm/kasan/common.c:48\n kasan_set_track mm/kasan/common.c:56 [inline]\n __kasan_kmalloc mm/kasan/common.c:479 [inline]\n __kasan_kmalloc.constprop.0+0x110/0x13c mm/kasan/common.c:449\n kasan_kmalloc+0xc/0x14 mm/kasan/common.c:493\n kmem_cache_alloc_trace+0x440/0x924 mm/slub.c:2950\n kmalloc include/linux/slab.h:563 [inline]\n kzalloc include/linux/slab.h:675 [inline]\n perf_event_alloc.part.0+0xb4/0x1350 kernel/events/core.c:11230\n perf_event_alloc kernel/events/core.c:11733 [inline]\n __do_sys_perf_event_open kernel/events/core.c:11831 [inline]\n __se_sys_perf_event_open+0x550/0x15f4 kernel/events/core.c:11723\n __arm64_sys_perf_event_open+0x6c/0x80 kernel/events/core.c:11723\n [...]\n\nFreed by task 14445:\n kasan_save_stack+0x24/0x50 mm/kasan/common.c:48\n kasan_set_track+0x24/0x34 mm/kasan/common.c:56\n kasan_set_free_info+0x20/0x40 mm/kasan/generic.c:358\n __kasan_slab_free.part.0+0x11c/0x1b0 mm/kasan/common.c:437\n __kasan_slab_free mm/kasan/common.c:445 [inline]\n kasan_slab_free+0x2c/0x40 mm/kasan/common.c:446\n slab_free_hook mm/slub.c:1569 [inline]\n slab_free_freelist_hook mm/slub.c:1608 [inline]\n slab_free mm/slub.c:3179 [inline]\n kfree+0x12c/0xc10 mm/slub.c:4176\n perf_event_alloc.part.0+0xa0c/0x1350 kernel/events/core.c:11434\n perf_event_alloc kernel/events/core.c:11733 [inline]\n __do_sys_perf_event_open kernel/events/core.c:11831 [inline]\n __se_sys_perf_event_open+0x550/0x15f4 kernel/events/core.c:11723\n [...]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49892",
"url": "https://www.suse.com/security/cve/CVE-2022-49892"
},
{
"category": "external",
"summary": "SUSE Bug 1242449 for CVE-2022-49892",
"url": "https://bugzilla.suse.com/1242449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49892"
},
{
"cve": "CVE-2022-49898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix tree mod log mishandling of reallocated nodes\n\nWe have been seeing the following panic in production\n\n kernel BUG at fs/btrfs/tree-mod-log.c:677!\n invalid opcode: 0000 [#1] SMP\n RIP: 0010:tree_mod_log_rewind+0x1b4/0x200\n RSP: 0000:ffffc9002c02f890 EFLAGS: 00010293\n RAX: 0000000000000003 RBX: ffff8882b448c700 RCX: 0000000000000000\n RDX: 0000000000008000 RSI: 00000000000000a7 RDI: ffff88877d831c00\n RBP: 0000000000000002 R08: 000000000000009f R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000100c40 R12: 0000000000000001\n R13: ffff8886c26d6a00 R14: ffff88829f5424f8 R15: ffff88877d831a00\n FS: 00007fee1d80c780(0000) GS:ffff8890400c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fee1963a020 CR3: 0000000434f33002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n btrfs_get_old_root+0x12b/0x420\n btrfs_search_old_slot+0x64/0x2f0\n ? tree_mod_log_oldest_root+0x3d/0xf0\n resolve_indirect_ref+0xfd/0x660\n ? ulist_alloc+0x31/0x60\n ? kmem_cache_alloc_trace+0x114/0x2c0\n find_parent_nodes+0x97a/0x17e0\n ? ulist_alloc+0x30/0x60\n btrfs_find_all_roots_safe+0x97/0x150\n iterate_extent_inodes+0x154/0x370\n ? btrfs_search_path_in_tree+0x240/0x240\n iterate_inodes_from_logical+0x98/0xd0\n ? btrfs_search_path_in_tree+0x240/0x240\n btrfs_ioctl_logical_to_ino+0xd9/0x180\n btrfs_ioctl+0xe2/0x2ec0\n ? __mod_memcg_lruvec_state+0x3d/0x280\n ? do_sys_openat2+0x6d/0x140\n ? kretprobe_dispatcher+0x47/0x70\n ? kretprobe_rethook_handler+0x38/0x50\n ? rethook_trampoline_handler+0x82/0x140\n ? arch_rethook_trampoline_callback+0x3b/0x50\n ? kmem_cache_free+0xfb/0x270\n ? do_sys_openat2+0xd5/0x140\n __x64_sys_ioctl+0x71/0xb0\n do_syscall_64+0x2d/0x40\n\nWhich is this code in tree_mod_log_rewind()\n\n\tswitch (tm-\u003eop) {\n case BTRFS_MOD_LOG_KEY_REMOVE_WHILE_FREEING:\n\t\tBUG_ON(tm-\u003eslot \u003c n);\n\nThis occurs because we replay the nodes in order that they happened, and\nwhen we do a REPLACE we will log a REMOVE_WHILE_FREEING for every slot,\nstarting at 0. \u0027n\u0027 here is the number of items in this block, which in\nthis case was 1, but we had 2 REMOVE_WHILE_FREEING operations.\n\nThe actual root cause of this was that we were replaying operations for\na block that shouldn\u0027t have been replayed. Consider the following\nsequence of events\n\n1. We have an already modified root, and we do a btrfs_get_tree_mod_seq().\n2. We begin removing items from this root, triggering KEY_REPLACE for\n it\u0027s child slots.\n3. We remove one of the 2 children this root node points to, thus triggering\n the root node promotion of the remaining child, and freeing this node.\n4. We modify a new root, and re-allocate the above node to the root node of\n this other root.\n\nThe tree mod log looks something like this\n\n\tlogical 0\top KEY_REPLACE (slot 1)\t\t\tseq 2\n\tlogical 0\top KEY_REMOVE (slot 1)\t\t\tseq 3\n\tlogical 0\top KEY_REMOVE_WHILE_FREEING (slot 0)\tseq 4\n\tlogical 4096\top LOG_ROOT_REPLACE (old logical 0)\tseq 5\n\tlogical 8192\top KEY_REMOVE_WHILE_FREEING (slot 1)\tseq 6\n\tlogical 8192\top KEY_REMOVE_WHILE_FREEING (slot 0)\tseq 7\n\tlogical 0\top LOG_ROOT_REPLACE (old logical 8192)\tseq 8\n\n\u003eFrom here the bug is triggered by the following steps\n\n1. Call btrfs_get_old_root() on the new_root.\n2. We call tree_mod_log_oldest_root(btrfs_root_node(new_root)), which is\n currently logical 0.\n3. tree_mod_log_oldest_root() calls tree_mod_log_search_oldest(), which\n gives us the KEY_REPLACE seq 2, and since that\u0027s not a\n LOG_ROOT_REPLACE we incorrectly believe that we don\u0027t have an old\n root, because we expect that the most recent change should be a\n LOG_ROOT_REPLACE.\n4. Back in tree_mod_log_oldest_root() we don\u0027t have a LOG_ROOT_REPLACE,\n so we don\u0027t set old_root, we simply use our e\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49898",
"url": "https://www.suse.com/security/cve/CVE-2022-49898"
},
{
"category": "external",
"summary": "SUSE Bug 1242472 for CVE-2022-49898",
"url": "https://bugzilla.suse.com/1242472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49898"
},
{
"cve": "CVE-2022-49906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Free rwi on reset success\n\nFree the rwi structure in the event that the last rwi in the list\nprocessed successfully. The logic in commit 4f408e1fa6e1 (\"ibmvnic:\nretry reset if there are no other resets\") introduces an issue that\nresults in a 32 byte memory leak whenever the last rwi in the list\ngets processed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49906",
"url": "https://www.suse.com/security/cve/CVE-2022-49906"
},
{
"category": "external",
"summary": "SUSE Bug 1242464 for CVE-2022-49906",
"url": "https://bugzilla.suse.com/1242464"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49906"
},
{
"cve": "CVE-2022-49907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49907"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mdio: fix undefined behavior in bit shift for __mdiobus_register\n\nShifting signed 32-bit value by 31 bits is undefined, so changing\nsignificant bit to unsigned. The UBSAN warning calltrace like below:\n\nUBSAN: shift-out-of-bounds in drivers/net/phy/mdio_bus.c:586:27\nleft shift of 1 by 31 places cannot be represented in type \u0027int\u0027\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7d/0xa5\n dump_stack+0x15/0x1b\n ubsan_epilogue+0xe/0x4e\n __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c\n __mdiobus_register+0x49d/0x4e0\n fixed_mdio_bus_init+0xd8/0x12d\n do_one_initcall+0x76/0x430\n kernel_init_freeable+0x3b3/0x422\n kernel_init+0x24/0x1e0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49907",
"url": "https://www.suse.com/security/cve/CVE-2022-49907"
},
{
"category": "external",
"summary": "SUSE Bug 1242450 for CVE-2022-49907",
"url": "https://bugzilla.suse.com/1242450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49907"
},
{
"cve": "CVE-2022-49909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: fix use-after-free in l2cap_conn_del()\n\nWhen l2cap_recv_frame() is invoked to receive data, and the cid is\nL2CAP_CID_A2MP, if the channel does not exist, it will create a channel.\nHowever, after a channel is created, the hold operation of the channel\nis not performed. In this case, the value of channel reference counting\nis 1. As a result, after hci_error_reset() is triggered, l2cap_conn_del()\ninvokes the close hook function of A2MP to release the channel. Then\n l2cap_chan_unlock(chan) will trigger UAF issue.\n\nThe process is as follows:\nReceive data:\nl2cap_data_channel()\n a2mp_channel_create() ---\u003echannel ref is 2\n l2cap_chan_put() ---\u003echannel ref is 1\n\nTriger event:\n hci_error_reset()\n hci_dev_do_close()\n ...\n l2cap_disconn_cfm()\n l2cap_conn_del()\n l2cap_chan_hold() ---\u003echannel ref is 2\n l2cap_chan_del() ---\u003echannel ref is 1\n a2mp_chan_close_cb() ---\u003echannel ref is 0, release channel\n l2cap_chan_unlock() ---\u003eUAF of channel\n\nThe detailed Call Trace is as follows:\nBUG: KASAN: use-after-free in __mutex_unlock_slowpath+0xa6/0x5e0\nRead of size 8 at addr ffff8880160664b8 by task kworker/u11:1/7593\nWorkqueue: hci0 hci_error_reset\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xcd/0x134\n print_report.cold+0x2ba/0x719\n kasan_report+0xb1/0x1e0\n kasan_check_range+0x140/0x190\n __mutex_unlock_slowpath+0xa6/0x5e0\n l2cap_conn_del+0x404/0x7b0\n l2cap_disconn_cfm+0x8c/0xc0\n hci_conn_hash_flush+0x11f/0x260\n hci_dev_close_sync+0x5f5/0x11f0\n hci_dev_do_close+0x2d/0x70\n hci_error_reset+0x9e/0x140\n process_one_work+0x98a/0x1620\n worker_thread+0x665/0x1080\n kthread+0x2e4/0x3a0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e\n\nAllocated by task 7593:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0xa9/0xd0\n l2cap_chan_create+0x40/0x930\n amp_mgr_create+0x96/0x990\n a2mp_channel_create+0x7d/0x150\n l2cap_recv_frame+0x51b8/0x9a70\n l2cap_recv_acldata+0xaa3/0xc00\n hci_rx_work+0x702/0x1220\n process_one_work+0x98a/0x1620\n worker_thread+0x665/0x1080\n kthread+0x2e4/0x3a0\n ret_from_fork+0x1f/0x30\n\nFreed by task 7593:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_set_free_info+0x20/0x30\n ____kasan_slab_free+0x167/0x1c0\n slab_free_freelist_hook+0x89/0x1c0\n kfree+0xe2/0x580\n l2cap_chan_put+0x22a/0x2d0\n l2cap_conn_del+0x3fc/0x7b0\n l2cap_disconn_cfm+0x8c/0xc0\n hci_conn_hash_flush+0x11f/0x260\n hci_dev_close_sync+0x5f5/0x11f0\n hci_dev_do_close+0x2d/0x70\n hci_error_reset+0x9e/0x140\n process_one_work+0x98a/0x1620\n worker_thread+0x665/0x1080\n kthread+0x2e4/0x3a0\n ret_from_fork+0x1f/0x30\n\nLast potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0xbe/0xd0\n call_rcu+0x99/0x740\n netlink_release+0xe6a/0x1cf0\n __sock_release+0xcd/0x280\n sock_close+0x18/0x20\n __fput+0x27c/0xa90\n task_work_run+0xdd/0x1a0\n exit_to_user_mode_prepare+0x23c/0x250\n syscall_exit_to_user_mode+0x19/0x50\n do_syscall_64+0x42/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0xbe/0xd0\n call_rcu+0x99/0x740\n netlink_release+0xe6a/0x1cf0\n __sock_release+0xcd/0x280\n sock_close+0x18/0x20\n __fput+0x27c/0xa90\n task_work_run+0xdd/0x1a0\n exit_to_user_mode_prepare+0x23c/0x250\n syscall_exit_to_user_mode+0x19/0x50\n do_syscall_64+0x42/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49909",
"url": "https://www.suse.com/security/cve/CVE-2022-49909"
},
{
"category": "external",
"summary": "SUSE Bug 1242453 for CVE-2022-49909",
"url": "https://bugzilla.suse.com/1242453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49909"
},
{
"cve": "CVE-2022-49910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu\n\nFix the race condition between the following two flows that run in\nparallel:\n\n1. l2cap_reassemble_sdu -\u003e chan-\u003eops-\u003erecv (l2cap_sock_recv_cb) -\u003e\n __sock_queue_rcv_skb.\n\n2. bt_sock_recvmsg -\u003e skb_recv_datagram, skb_free_datagram.\n\nAn SKB can be queued by the first flow and immediately dequeued and\nfreed by the second flow, therefore the callers of l2cap_reassemble_sdu\ncan\u0027t use the SKB after that function returns. However, some places\ncontinue accessing struct l2cap_ctrl that resides in the SKB\u0027s CB for a\nshort time after l2cap_reassemble_sdu returns, leading to a\nuse-after-free condition (the stack trace is below, line numbers for\nkernel 5.19.8).\n\nFix it by keeping a local copy of struct l2cap_ctrl.\n\nBUG: KASAN: use-after-free in l2cap_rx_state_recv (net/bluetooth/l2cap_core.c:6906) bluetooth\nRead of size 1 at addr ffff88812025f2f0 by task kworker/u17:3/43169\n\nWorkqueue: hci0 hci_rx_work [bluetooth]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:107 (discriminator 4))\n print_report.cold (mm/kasan/report.c:314 mm/kasan/report.c:429)\n ? l2cap_rx_state_recv (net/bluetooth/l2cap_core.c:6906) bluetooth\n kasan_report (mm/kasan/report.c:162 mm/kasan/report.c:493)\n ? l2cap_rx_state_recv (net/bluetooth/l2cap_core.c:6906) bluetooth\n l2cap_rx_state_recv (net/bluetooth/l2cap_core.c:6906) bluetooth\n l2cap_rx (net/bluetooth/l2cap_core.c:7236 net/bluetooth/l2cap_core.c:7271) bluetooth\n ret_from_fork (arch/x86/entry/entry_64.S:306)\n \u003c/TASK\u003e\n\nAllocated by task 43169:\n kasan_save_stack (mm/kasan/common.c:39)\n __kasan_slab_alloc (mm/kasan/common.c:45 mm/kasan/common.c:436 mm/kasan/common.c:469)\n kmem_cache_alloc_node (mm/slab.h:750 mm/slub.c:3243 mm/slub.c:3293)\n __alloc_skb (net/core/skbuff.c:414)\n l2cap_recv_frag (./include/net/bluetooth/bluetooth.h:425 net/bluetooth/l2cap_core.c:8329) bluetooth\n l2cap_recv_acldata (net/bluetooth/l2cap_core.c:8442) bluetooth\n hci_rx_work (net/bluetooth/hci_core.c:3642 net/bluetooth/hci_core.c:3832) bluetooth\n process_one_work (kernel/workqueue.c:2289)\n worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2437)\n kthread (kernel/kthread.c:376)\n ret_from_fork (arch/x86/entry/entry_64.S:306)\n\nFreed by task 27920:\n kasan_save_stack (mm/kasan/common.c:39)\n kasan_set_track (mm/kasan/common.c:45)\n kasan_set_free_info (mm/kasan/generic.c:372)\n ____kasan_slab_free (mm/kasan/common.c:368 mm/kasan/common.c:328)\n slab_free_freelist_hook (mm/slub.c:1780)\n kmem_cache_free (mm/slub.c:3536 mm/slub.c:3553)\n skb_free_datagram (./include/net/sock.h:1578 ./include/net/sock.h:1639 net/core/datagram.c:323)\n bt_sock_recvmsg (net/bluetooth/af_bluetooth.c:295) bluetooth\n l2cap_sock_recvmsg (net/bluetooth/l2cap_sock.c:1212) bluetooth\n sock_read_iter (net/socket.c:1087)\n new_sync_read (./include/linux/fs.h:2052 fs/read_write.c:401)\n vfs_read (fs/read_write.c:482)\n ksys_read (fs/read_write.c:620)\n do_syscall_64 (arch/x86/entry/common.c:50 arch/x86/entry/common.c:80)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49910",
"url": "https://www.suse.com/security/cve/CVE-2022-49910"
},
{
"category": "external",
"summary": "SUSE Bug 1242452 for CVE-2022-49910",
"url": "https://bugzilla.suse.com/1242452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49910"
},
{
"cve": "CVE-2022-49913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix inode list leak during backref walking at find_parent_nodes()\n\nDuring backref walking, at find_parent_nodes(), if we are dealing with a\ndata extent and we get an error while resolving the indirect backrefs, at\nresolve_indirect_refs(), or in the while loop that iterates over the refs\nin the direct refs rbtree, we end up leaking the inode lists attached to\nthe direct refs we have in the direct refs rbtree that were not yet added\nto the refs ulist passed as argument to find_parent_nodes(). Since they\nwere not yet added to the refs ulist and prelim_release() does not free\nthe lists, on error the caller can only free the lists attached to the\nrefs that were added to the refs ulist, all the remaining refs get their\ninode lists never freed, therefore leaking their memory.\n\nFix this by having prelim_release() always free any attached inode list\nto each ref found in the rbtree, and have find_parent_nodes() set the\nref\u0027s inode list to NULL once it transfers ownership of the inode list\nto a ref added to the refs ulist passed to find_parent_nodes().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49913",
"url": "https://www.suse.com/security/cve/CVE-2022-49913"
},
{
"category": "external",
"summary": "SUSE Bug 1242470 for CVE-2022-49913",
"url": "https://bugzilla.suse.com/1242470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49913"
},
{
"cve": "CVE-2022-49914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix inode list leak during backref walking at resolve_indirect_refs()\n\nDuring backref walking, at resolve_indirect_refs(), if we get an error\nwe jump to the \u0027out\u0027 label and call ulist_free() on the \u0027parents\u0027 ulist,\nwhich frees all the elements in the ulist - however that does not free\nany inode lists that may be attached to elements, through the \u0027aux\u0027 field\nof a ulist node, so we end up leaking lists if we have any attached to\nthe unodes.\n\nFix this by calling free_leaf_list() instead of ulist_free() when we exit\nfrom resolve_indirect_refs(). The static function free_leaf_list() is\nmoved up for this to be possible and it\u0027s slightly simplified by removing\nunnecessary code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49914",
"url": "https://www.suse.com/security/cve/CVE-2022-49914"
},
{
"category": "external",
"summary": "SUSE Bug 1242427 for CVE-2022-49914",
"url": "https://bugzilla.suse.com/1242427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49914"
},
{
"cve": "CVE-2022-49915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible memory leak in mISDN_register_device()\n\nAfer commit 1fa5ae857bb1 (\"driver core: get rid of struct device\u0027s\nbus_id string array\"), the name of device is allocated dynamically,\nadd put_device() to give up the reference, so that the name can be\nfreed in kobject_cleanup() when the refcount is 0.\n\nSet device class before put_device() to avoid null release() function\nWARN message in device_release().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49915",
"url": "https://www.suse.com/security/cve/CVE-2022-49915"
},
{
"category": "external",
"summary": "SUSE Bug 1242409 for CVE-2022-49915",
"url": "https://bugzilla.suse.com/1242409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49915"
},
{
"cve": "CVE-2022-49922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()\n\nnfcmrvl_i2c_nci_send() will be called by nfcmrvl_nci_send(), and skb\nshould be freed in nfcmrvl_i2c_nci_send(). However, nfcmrvl_nci_send()\nwill only free skb when i2c_master_send() return \u003e=0, which means skb\nwill memleak when i2c_master_send() failed. Free skb no matter whether\ni2c_master_send() succeeds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49922",
"url": "https://www.suse.com/security/cve/CVE-2022-49922"
},
{
"category": "external",
"summary": "SUSE Bug 1242378 for CVE-2022-49922",
"url": "https://bugzilla.suse.com/1242378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49922"
},
{
"cve": "CVE-2022-49923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nxp-nci: Fix potential memory leak in nxp_nci_send()\n\nnxp_nci_send() will call nxp_nci_i2c_write(), and only free skb when\nnxp_nci_i2c_write() failed. However, even if the nxp_nci_i2c_write()\nrun succeeds, the skb will not be freed in nxp_nci_i2c_write(). As the\nresult, the skb will memleak. nxp_nci_send() should also free the skb\nwhen nxp_nci_i2c_write() succeeds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49923",
"url": "https://www.suse.com/security/cve/CVE-2022-49923"
},
{
"category": "external",
"summary": "SUSE Bug 1242394 for CVE-2022-49923",
"url": "https://bugzilla.suse.com/1242394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49923"
},
{
"cve": "CVE-2022-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fdp: Fix potential memory leak in fdp_nci_send()\n\nfdp_nci_send() will call fdp_nci_i2c_write that will not free skb in\nthe function. As a result, when fdp_nci_i2c_write() finished, the skb\nwill memleak. fdp_nci_send() should free skb after fdp_nci_i2c_write()\nfinished.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49924",
"url": "https://www.suse.com/security/cve/CVE-2022-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1242426 for CVE-2022-49924",
"url": "https://bugzilla.suse.com/1242426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49924"
},
{
"cve": "CVE-2022-49925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix null-ptr-deref in ib_core_cleanup()\n\nKASAN reported a null-ptr-deref error:\n\n KASAN: null-ptr-deref in range [0x0000000000000118-0x000000000000011f]\n CPU: 1 PID: 379\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n RIP: 0010:destroy_workqueue+0x2f/0x740\n RSP: 0018:ffff888016137df8 EFLAGS: 00000202\n ...\n Call Trace:\n ib_core_cleanup+0xa/0xa1 [ib_core]\n __do_sys_delete_module.constprop.0+0x34f/0x5b0\n do_syscall_64+0x3a/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x7fa1a0d221b7\n ...\n\nIt is because the fail of roce_gid_mgmt_init() is ignored:\n\n ib_core_init()\n roce_gid_mgmt_init()\n gid_cache_wq = alloc_ordered_workqueue # fail\n ...\n ib_core_cleanup()\n roce_gid_mgmt_cleanup()\n destroy_workqueue(gid_cache_wq)\n # destroy an unallocated wq\n\nFix this by catching the fail of roce_gid_mgmt_init() in ib_core_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49925",
"url": "https://www.suse.com/security/cve/CVE-2022-49925"
},
{
"category": "external",
"summary": "SUSE Bug 1242371 for CVE-2022-49925",
"url": "https://bugzilla.suse.com/1242371"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49925"
},
{
"cve": "CVE-2022-49927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs4: Fix kmemleak when allocate slot failed\n\nIf one of the slot allocate failed, should cleanup all the other\nallocated slots, otherwise, the allocated slots will leak:\n\n unreferenced object 0xffff8881115aa100 (size 64):\n comm \"\"mount.nfs\"\", pid 679, jiffies 4294744957 (age 115.037s)\n hex dump (first 32 bytes):\n 00 cc 19 73 81 88 ff ff 00 a0 5a 11 81 88 ff ff ...s......Z.....\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000007a4c434a\u003e] nfs4_find_or_create_slot+0x8e/0x130\n [\u003c000000005472a39c\u003e] nfs4_realloc_slot_table+0x23f/0x270\n [\u003c00000000cd8ca0eb\u003e] nfs40_init_client+0x4a/0x90\n [\u003c00000000128486db\u003e] nfs4_init_client+0xce/0x270\n [\u003c000000008d2cacad\u003e] nfs4_set_client+0x1a2/0x2b0\n [\u003c000000000e593b52\u003e] nfs4_create_server+0x300/0x5f0\n [\u003c00000000e4425dd2\u003e] nfs4_try_get_tree+0x65/0x110\n [\u003c00000000d3a6176f\u003e] vfs_get_tree+0x41/0xf0\n [\u003c0000000016b5ad4c\u003e] path_mount+0x9b3/0xdd0\n [\u003c00000000494cae71\u003e] __x64_sys_mount+0x190/0x1d0\n [\u003c000000005d56bdec\u003e] do_syscall_64+0x35/0x80\n [\u003c00000000687c9ae4\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49927",
"url": "https://www.suse.com/security/cve/CVE-2022-49927"
},
{
"category": "external",
"summary": "SUSE Bug 1242416 for CVE-2022-49927",
"url": "https://bugzilla.suse.com/1242416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49927"
},
{
"cve": "CVE-2022-49931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/hfi1: Correctly move list in sc_disable()\n\nCommit 13bac861952a (\"IB/hfi1: Fix abba locking issue with sc_disable()\")\nincorrectly tries to move a list from one list head to another. The\nresult is a kernel crash.\n\nThe crash is triggered when a link goes down and there are waiters for a\nsend to complete. The following signature is seen:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000030\n [...]\n Call Trace:\n sc_disable+0x1ba/0x240 [hfi1]\n pio_freeze+0x3d/0x60 [hfi1]\n handle_freeze+0x27/0x1b0 [hfi1]\n process_one_work+0x1b0/0x380\n ? process_one_work+0x380/0x380\n worker_thread+0x30/0x360\n ? process_one_work+0x380/0x380\n kthread+0xd7/0x100\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n\nThe fix is to use the correct call to move the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49931",
"url": "https://www.suse.com/security/cve/CVE-2022-49931"
},
{
"category": "external",
"summary": "SUSE Bug 1242382 for CVE-2022-49931",
"url": "https://bugzilla.suse.com/1242382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2022-49931"
},
{
"cve": "CVE-2023-1074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1074"
}
],
"notes": [
{
"category": "general",
"text": "A memory leak flaw was found in the Linux kernel\u0027s Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1074",
"url": "https://www.suse.com/security/cve/CVE-2023-1074"
},
{
"category": "external",
"summary": "SUSE Bug 1206677 for CVE-2023-1074",
"url": "https://bugzilla.suse.com/1206677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-1074"
},
{
"cve": "CVE-2023-1989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1989"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in btsdio_remove in drivers\\bluetooth\\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1989",
"url": "https://www.suse.com/security/cve/CVE-2023-1989"
},
{
"category": "external",
"summary": "SUSE Bug 1210336 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1210336"
},
{
"category": "external",
"summary": "SUSE Bug 1210500 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1210500"
},
{
"category": "external",
"summary": "SUSE Bug 1213841 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1213841"
},
{
"category": "external",
"summary": "SUSE Bug 1213842 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1213842"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-1989",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "important"
}
],
"title": "CVE-2023-1989"
},
{
"cve": "CVE-2023-1990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1990"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1990",
"url": "https://www.suse.com/security/cve/CVE-2023-1990"
},
{
"category": "external",
"summary": "SUSE Bug 1210337 for CVE-2023-1990",
"url": "https://bugzilla.suse.com/1210337"
},
{
"category": "external",
"summary": "SUSE Bug 1210501 for CVE-2023-1990",
"url": "https://bugzilla.suse.com/1210501"
},
{
"category": "external",
"summary": "SUSE Bug 1214128 for CVE-2023-1990",
"url": "https://bugzilla.suse.com/1214128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "important"
}
],
"title": "CVE-2023-1990"
},
{
"cve": "CVE-2023-52868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: prevent potential string overflow\n\nThe dev-\u003eid value comes from ida_alloc() so it\u0027s a number between zero\nand INT_MAX. If it\u0027s too high then these sprintf()s will overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52868",
"url": "https://www.suse.com/security/cve/CVE-2023-52868"
},
{
"category": "external",
"summary": "SUSE Bug 1225044 for CVE-2023-52868",
"url": "https://bugzilla.suse.com/1225044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52868"
},
{
"cve": "CVE-2023-52975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress\n\nBug report and analysis from Ding Hui.\n\nDuring iSCSI session logout, if another task accesses the shost ipaddress\nattr, we can get a KASAN UAF report like this:\n\n[ 276.942144] BUG: KASAN: use-after-free in _raw_spin_lock_bh+0x78/0xe0\n[ 276.942535] Write of size 4 at addr ffff8881053b45b8 by task cat/4088\n[ 276.943511] CPU: 2 PID: 4088 Comm: cat Tainted: G E 6.1.0-rc8+ #3\n[ 276.943997] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\n[ 276.944470] Call Trace:\n[ 276.944943] \u003cTASK\u003e\n[ 276.945397] dump_stack_lvl+0x34/0x48\n[ 276.945887] print_address_description.constprop.0+0x86/0x1e7\n[ 276.946421] print_report+0x36/0x4f\n[ 276.947358] kasan_report+0xad/0x130\n[ 276.948234] kasan_check_range+0x35/0x1c0\n[ 276.948674] _raw_spin_lock_bh+0x78/0xe0\n[ 276.949989] iscsi_sw_tcp_host_get_param+0xad/0x2e0 [iscsi_tcp]\n[ 276.951765] show_host_param_ISCSI_HOST_PARAM_IPADDRESS+0xe9/0x130 [scsi_transport_iscsi]\n[ 276.952185] dev_attr_show+0x3f/0x80\n[ 276.953005] sysfs_kf_seq_show+0x1fb/0x3e0\n[ 276.953401] seq_read_iter+0x402/0x1020\n[ 276.954260] vfs_read+0x532/0x7b0\n[ 276.955113] ksys_read+0xed/0x1c0\n[ 276.955952] do_syscall_64+0x38/0x90\n[ 276.956347] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 276.956769] RIP: 0033:0x7f5d3a679222\n[ 276.957161] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 32 c0 0b 00 e8 a5 fe 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24\n[ 276.958009] RSP: 002b:00007ffc864d16a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[ 276.958431] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5d3a679222\n[ 276.958857] RDX: 0000000000020000 RSI: 00007f5d3a4fe000 RDI: 0000000000000003\n[ 276.959281] RBP: 00007f5d3a4fe000 R08: 00000000ffffffff R09: 0000000000000000\n[ 276.959682] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000020000\n[ 276.960126] R13: 0000000000000003 R14: 0000000000000000 R15: 0000557a26dada58\n[ 276.960536] \u003c/TASK\u003e\n[ 276.961357] Allocated by task 2209:\n[ 276.961756] kasan_save_stack+0x1e/0x40\n[ 276.962170] kasan_set_track+0x21/0x30\n[ 276.962557] __kasan_kmalloc+0x7e/0x90\n[ 276.962923] __kmalloc+0x5b/0x140\n[ 276.963308] iscsi_alloc_session+0x28/0x840 [scsi_transport_iscsi]\n[ 276.963712] iscsi_session_setup+0xda/0xba0 [libiscsi]\n[ 276.964078] iscsi_sw_tcp_session_create+0x1fd/0x330 [iscsi_tcp]\n[ 276.964431] iscsi_if_create_session.isra.0+0x50/0x260 [scsi_transport_iscsi]\n[ 276.964793] iscsi_if_recv_msg+0xc5a/0x2660 [scsi_transport_iscsi]\n[ 276.965153] iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]\n[ 276.965546] netlink_unicast+0x4d5/0x7b0\n[ 276.965905] netlink_sendmsg+0x78d/0xc30\n[ 276.966236] sock_sendmsg+0xe5/0x120\n[ 276.966576] ____sys_sendmsg+0x5fe/0x860\n[ 276.966923] ___sys_sendmsg+0xe0/0x170\n[ 276.967300] __sys_sendmsg+0xc8/0x170\n[ 276.967666] do_syscall_64+0x38/0x90\n[ 276.968028] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 276.968773] Freed by task 2209:\n[ 276.969111] kasan_save_stack+0x1e/0x40\n[ 276.969449] kasan_set_track+0x21/0x30\n[ 276.969789] kasan_save_free_info+0x2a/0x50\n[ 276.970146] __kasan_slab_free+0x106/0x190\n[ 276.970470] __kmem_cache_free+0x133/0x270\n[ 276.970816] device_release+0x98/0x210\n[ 276.971145] kobject_cleanup+0x101/0x360\n[ 276.971462] iscsi_session_teardown+0x3fb/0x530 [libiscsi]\n[ 276.971775] iscsi_sw_tcp_session_destroy+0xd8/0x130 [iscsi_tcp]\n[ 276.972143] iscsi_if_recv_msg+0x1bf1/0x2660 [scsi_transport_iscsi]\n[ 276.972485] iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]\n[ 276.972808] netlink_unicast+0x4d5/0x7b0\n[ 276.973201] netlink_sendmsg+0x78d/0xc30\n[ 276.973544] sock_sendmsg+0xe5/0x120\n[ 276.973864] ____sys_sendmsg+0x5fe/0x860\n[ 276.974248] ___sys_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52975",
"url": "https://www.suse.com/security/cve/CVE-2023-52975"
},
{
"category": "external",
"summary": "SUSE Bug 1240322 for CVE-2023-52975",
"url": "https://bugzilla.suse.com/1240322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52975"
},
{
"cve": "CVE-2023-52988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()\n\nsnd_hda_get_connections() can return a negative error code.\nIt may lead to accessing \u0027conn\u0027 array at a negative index.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52988",
"url": "https://www.suse.com/security/cve/CVE-2023-52988"
},
{
"category": "external",
"summary": "SUSE Bug 1240293 for CVE-2023-52988",
"url": "https://bugzilla.suse.com/1240293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52988"
},
{
"cve": "CVE-2023-52989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region\n\nThis patch is fix for Linux kernel v2.6.33 or later.\n\nFor request subaction to IEC 61883-1 FCP region, Linux FireWire subsystem\nhave had an issue of use-after-free. The subsystem allows multiple\nuser space listeners to the region, while data of the payload was likely\nreleased before the listeners execute read(2) to access to it for copying\nto user space.\n\nThe issue was fixed by a commit 281e20323ab7 (\"firewire: core: fix\nuse-after-free regression in FCP handler\"). The object of payload is\nduplicated in kernel space for each listener. When the listener executes\nioctl(2) with FW_CDEV_IOC_SEND_RESPONSE request, the object is going to\nbe released.\n\nHowever, it causes memory leak since the commit relies on call of\nrelease_request() in drivers/firewire/core-cdev.c. Against the\nexpectation, the function is never called due to the design of\nrelease_client_resource(). The function delegates release task\nto caller when called with non-NULL fourth argument. The implementation\nof ioctl_send_response() is the case. It should release the object\nexplicitly.\n\nThis commit fixes the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52989",
"url": "https://www.suse.com/security/cve/CVE-2023-52989"
},
{
"category": "external",
"summary": "SUSE Bug 1240266 for CVE-2023-52989",
"url": "https://bugzilla.suse.com/1240266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52989"
},
{
"cve": "CVE-2023-52993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL\n\nBaoquan reported that after triggering a crash the subsequent crash-kernel\nfails to boot about half of the time. It triggers a NULL pointer\ndereference in the periodic tick code.\n\nThis happens because the legacy timer interrupt (IRQ0) is resent in\nsoftware which happens in soft interrupt (tasklet) context. In this context\nget_irq_regs() returns NULL which leads to the NULL pointer dereference.\n\nThe reason for the resend is a spurious APIC interrupt on the IRQ0 vector\nwhich is captured and leads to a resend when the legacy timer interrupt is\nenabled. This is wrong because the legacy PIC interrupts are level\ntriggered and therefore should never be resent in software, but nothing\never sets the IRQ_LEVEL flag on those interrupts, so the core code does not\nknow about their trigger type.\n\nEnsure that IRQ_LEVEL is set when the legacy PCI interrupts are set up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52993",
"url": "https://www.suse.com/security/cve/CVE-2023-52993"
},
{
"category": "external",
"summary": "SUSE Bug 1240297 for CVE-2023-52993",
"url": "https://bugzilla.suse.com/1240297"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-52993"
},
{
"cve": "CVE-2023-53039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53039"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: ipc: Fix potential use-after-free in work function\n\nWhen a reset notify IPC message is received, the ISR schedules a work\nfunction and passes the ISHTP device to it via a global pointer\nishtp_dev. If ish_probe() fails, the devm-managed device resources\nincluding ishtp_dev are freed, but the work is not cancelled, causing a\nuse-after-free when the work function tries to access ishtp_dev. Use\ndevm_work_autocancel() instead, so that the work is automatically\ncancelled if probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53039",
"url": "https://www.suse.com/security/cve/CVE-2023-53039"
},
{
"category": "external",
"summary": "SUSE Bug 1242745 for CVE-2023-53039",
"url": "https://bugzilla.suse.com/1242745"
},
{
"category": "external",
"summary": "SUSE Bug 1242880 for CVE-2023-53039",
"url": "https://bugzilla.suse.com/1242880"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53039"
},
{
"cve": "CVE-2023-53041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53041"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Perform lockless command completion in abort path\n\nWhile adding and removing the controller, the following call trace was\nobserved:\n\nWARNING: CPU: 3 PID: 623596 at kernel/dma/mapping.c:532 dma_free_attrs+0x33/0x50\nCPU: 3 PID: 623596 Comm: sh Kdump: loaded Not tainted 5.14.0-96.el9.x86_64 #1\nRIP: 0010:dma_free_attrs+0x33/0x50\n\nCall Trace:\n qla2x00_async_sns_sp_done+0x107/0x1b0 [qla2xxx]\n qla2x00_abort_srb+0x8e/0x250 [qla2xxx]\n ? ql_dbg+0x70/0x100 [qla2xxx]\n __qla2x00_abort_all_cmds+0x108/0x190 [qla2xxx]\n qla2x00_abort_all_cmds+0x24/0x70 [qla2xxx]\n qla2x00_abort_isp_cleanup+0x305/0x3e0 [qla2xxx]\n qla2x00_remove_one+0x364/0x400 [qla2xxx]\n pci_device_remove+0x36/0xa0\n __device_release_driver+0x17a/0x230\n device_release_driver+0x24/0x30\n pci_stop_bus_device+0x68/0x90\n pci_stop_and_remove_bus_device_locked+0x16/0x30\n remove_store+0x75/0x90\n kernfs_fop_write_iter+0x11c/0x1b0\n new_sync_write+0x11f/0x1b0\n vfs_write+0x1eb/0x280\n ksys_write+0x5f/0xe0\n do_syscall_64+0x5c/0x80\n ? do_user_addr_fault+0x1d8/0x680\n ? do_syscall_64+0x69/0x80\n ? exc_page_fault+0x62/0x140\n ? asm_exc_page_fault+0x8/0x30\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe command was completed in the abort path during driver unload with a\nlock held, causing the warning in abort path. Hence complete the command\nwithout any lock held.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53041",
"url": "https://www.suse.com/security/cve/CVE-2023-53041"
},
{
"category": "external",
"summary": "SUSE Bug 1242747 for CVE-2023-53041",
"url": "https://bugzilla.suse.com/1242747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53041"
},
{
"cve": "CVE-2023-53044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm stats: check for and propagate alloc_percpu failure\n\nCheck alloc_precpu()\u0027s return value and return an error from\ndm_stats_init() if it fails. Update alloc_dev() to fail if\ndm_stats_init() does.\n\nOtherwise, a NULL pointer dereference will occur in dm_stats_cleanup()\neven if dm-stats isn\u0027t being actively used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53044",
"url": "https://www.suse.com/security/cve/CVE-2023-53044"
},
{
"category": "external",
"summary": "SUSE Bug 1242759 for CVE-2023-53044",
"url": "https://bugzilla.suse.com/1242759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53044"
},
{
"cve": "CVE-2023-53045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_audio: don\u0027t let userspace block driver unbind\n\nIn the unbind callback for f_uac1 and f_uac2, a call to snd_card_free()\nvia g_audio_cleanup() will disconnect the card and then wait for all\nresources to be released, which happens when the refcount falls to zero.\nSince userspace can keep the refcount incremented by not closing the\nrelevant file descriptor, the call to unbind may block indefinitely.\nThis can cause a deadlock during reboot, as evidenced by the following\nblocked task observed on my machine:\n\n task:reboot state:D stack:0 pid:2827 ppid:569 flags:0x0000000c\n Call trace:\n __switch_to+0xc8/0x140\n __schedule+0x2f0/0x7c0\n schedule+0x60/0xd0\n schedule_timeout+0x180/0x1d4\n wait_for_completion+0x78/0x180\n snd_card_free+0x90/0xa0\n g_audio_cleanup+0x2c/0x64\n afunc_unbind+0x28/0x60\n ...\n kernel_restart+0x4c/0xac\n __do_sys_reboot+0xcc/0x1ec\n __arm64_sys_reboot+0x28/0x30\n invoke_syscall+0x4c/0x110\n ...\n\nThe issue can also be observed by opening the card with arecord and\nthen stopping the process through the shell before unbinding:\n\n # arecord -D hw:UAC2Gadget -f S32_LE -c 2 -r 48000 /dev/null\n Recording WAVE \u0027/dev/null\u0027 : Signed 32 bit Little Endian, Rate 48000 Hz, Stereo\n ^Z[1]+ Stopped arecord -D hw:UAC2Gadget -f S32_LE -c 2 -r 48000 /dev/null\n # echo gadget.0 \u003e /sys/bus/gadget/drivers/configfs-gadget/unbind\n (observe that the unbind command never finishes)\n\nFix the problem by using snd_card_free_when_closed() instead, which will\nstill disconnect the card as desired, but defer the task of freeing the\nresources to the core once userspace closes its file descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53045",
"url": "https://www.suse.com/security/cve/CVE-2023-53045"
},
{
"category": "external",
"summary": "SUSE Bug 1242756 for CVE-2023-53045",
"url": "https://bugzilla.suse.com/1242756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53045"
},
{
"cve": "CVE-2023-53051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm crypt: add cond_resched() to dmcrypt_write()\n\nThe loop in dmcrypt_write may be running for unbounded amount of time,\nthus we need cond_resched() in it.\n\nThis commit fixes the following warning:\n\n[ 3391.153255][ C12] watchdog: BUG: soft lockup - CPU#12 stuck for 23s! [dmcrypt_write/2:2897]\n...\n[ 3391.387210][ C12] Call trace:\n[ 3391.390338][ C12] blk_attempt_bio_merge.part.6+0x38/0x158\n[ 3391.395970][ C12] blk_attempt_plug_merge+0xc0/0x1b0\n[ 3391.401085][ C12] blk_mq_submit_bio+0x398/0x550\n[ 3391.405856][ C12] submit_bio_noacct+0x308/0x380\n[ 3391.410630][ C12] dmcrypt_write+0x1e4/0x208 [dm_crypt]\n[ 3391.416005][ C12] kthread+0x130/0x138\n[ 3391.419911][ C12] ret_from_fork+0x10/0x18",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53051",
"url": "https://www.suse.com/security/cve/CVE-2023-53051"
},
{
"category": "external",
"summary": "SUSE Bug 1242284 for CVE-2023-53051",
"url": "https://bugzilla.suse.com/1242284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53051"
},
{
"cve": "CVE-2023-53056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Synchronize the IOCB count to be in order\n\nA system hang was observed with the following call trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 15 PID: 86747 Comm: nvme Kdump: loaded Not tainted 6.2.0+ #1\nHardware name: Dell Inc. PowerEdge R6515/04F3CJ, BIOS 2.7.3 03/31/2022\nRIP: 0010:__wake_up_common+0x55/0x190\nCode: 41 f6 01 04 0f 85 b2 00 00 00 48 8b 43 08 4c 8d\n 40 e8 48 8d 43 08 48 89 04 24 48 89 c6\\\n 49 8d 40 18 48 39 c6 0f 84 e9 00 00 00 \u003c49\u003e 8b 40 18 89 6c 24 14 31\n ed 4c 8d 60 e8 41 8b 18 f6 c3 04 75 5d\nRSP: 0018:ffffb05a82afbba0 EFLAGS: 00010082\nRAX: 0000000000000000 RBX: ffff8f9b83a00018 RCX: 0000000000000000\nRDX: 0000000000000001 RSI: ffff8f9b83a00020 RDI: ffff8f9b83a00018\nRBP: 0000000000000001 R08: ffffffffffffffe8 R09: ffffb05a82afbbf8\nR10: 70735f7472617473 R11: 5f30307832616c71 R12: 0000000000000001\nR13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f815cf4c740(0000) GS:ffff8f9eeed80000(0000)\n\tknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 000000010633a000 CR4: 0000000000350ee0\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x83/0xd0\n qla_nvme_ls_req+0x21b/0x2b0 [qla2xxx]\n __nvme_fc_send_ls_req+0x1b5/0x350 [nvme_fc]\n nvme_fc_xmt_disconnect_assoc+0xca/0x110 [nvme_fc]\n nvme_fc_delete_association+0x1bf/0x220 [nvme_fc]\n ? nvme_remove_namespaces+0x9f/0x140 [nvme_core]\n nvme_do_delete_ctrl+0x5b/0xa0 [nvme_core]\n nvme_sysfs_delete+0x5f/0x70 [nvme_core]\n kernfs_fop_write_iter+0x12b/0x1c0\n vfs_write+0x2a3/0x3b0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x5c/0x90\n ? syscall_exit_work+0x103/0x130\n ? syscall_exit_to_user_mode+0x12/0x30\n ? do_syscall_64+0x69/0x90\n ? exit_to_user_mode_loop+0xd0/0x130\n ? exit_to_user_mode_prepare+0xec/0x100\n ? syscall_exit_to_user_mode+0x12/0x30\n ? do_syscall_64+0x69/0x90\n ? syscall_exit_to_user_mode+0x12/0x30\n ? do_syscall_64+0x69/0x90\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\n RIP: 0033:0x7f815cd3eb97\n\nThe IOCB counts are out of order and that would block any commands from\ngoing out and subsequently hang the system. Synchronize the IOCB count to\nbe in correct order.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53056",
"url": "https://www.suse.com/security/cve/CVE-2023-53056"
},
{
"category": "external",
"summary": "SUSE Bug 1242219 for CVE-2023-53056",
"url": "https://bugzilla.suse.com/1242219"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53056"
},
{
"cve": "CVE-2023-53060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: revert rtnl_lock() that causes deadlock\n\nThe commit 6faee3d4ee8b (\"igb: Add lock to avoid data race\") adds\nrtnl_lock to eliminate a false data race shown below\n\n (FREE from device detaching) | (USE from netdev core)\nigb_remove | igb_ndo_get_vf_config\n igb_disable_sriov | vf \u003e= adapter-\u003evfs_allocated_count?\n kfree(adapter-\u003evf_data) |\n adapter-\u003evfs_allocated_count = 0 |\n | memcpy(... adapter-\u003evf_data[vf]\n\nThe above race will never happen and the extra rtnl_lock causes deadlock\nbelow\n\n[ 141.420169] \u003cTASK\u003e\n[ 141.420672] __schedule+0x2dd/0x840\n[ 141.421427] schedule+0x50/0xc0\n[ 141.422041] schedule_preempt_disabled+0x11/0x20\n[ 141.422678] __mutex_lock.isra.13+0x431/0x6b0\n[ 141.423324] unregister_netdev+0xe/0x20\n[ 141.423578] igbvf_remove+0x45/0xe0 [igbvf]\n[ 141.423791] pci_device_remove+0x36/0xb0\n[ 141.423990] device_release_driver_internal+0xc1/0x160\n[ 141.424270] pci_stop_bus_device+0x6d/0x90\n[ 141.424507] pci_stop_and_remove_bus_device+0xe/0x20\n[ 141.424789] pci_iov_remove_virtfn+0xba/0x120\n[ 141.425452] sriov_disable+0x2f/0xf0\n[ 141.425679] igb_disable_sriov+0x4e/0x100 [igb]\n[ 141.426353] igb_remove+0xa0/0x130 [igb]\n[ 141.426599] pci_device_remove+0x36/0xb0\n[ 141.426796] device_release_driver_internal+0xc1/0x160\n[ 141.427060] driver_detach+0x44/0x90\n[ 141.427253] bus_remove_driver+0x55/0xe0\n[ 141.427477] pci_unregister_driver+0x2a/0xa0\n[ 141.428296] __x64_sys_delete_module+0x141/0x2b0\n[ 141.429126] ? mntput_no_expire+0x4a/0x240\n[ 141.429363] ? syscall_trace_enter.isra.19+0x126/0x1a0\n[ 141.429653] do_syscall_64+0x5b/0x80\n[ 141.429847] ? exit_to_user_mode_prepare+0x14d/0x1c0\n[ 141.430109] ? syscall_exit_to_user_mode+0x12/0x30\n[ 141.430849] ? do_syscall_64+0x67/0x80\n[ 141.431083] ? syscall_exit_to_user_mode_prepare+0x183/0x1b0\n[ 141.431770] ? syscall_exit_to_user_mode+0x12/0x30\n[ 141.432482] ? do_syscall_64+0x67/0x80\n[ 141.432714] ? exc_page_fault+0x64/0x140\n[ 141.432911] entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\nSince the igb_disable_sriov() will call pci_disable_sriov() before\nreleasing any resources, the netdev core will synchronize the cleanup to\navoid any races. This patch removes the useless rtnl_(un)lock to guarantee\ncorrectness.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53060",
"url": "https://www.suse.com/security/cve/CVE-2023-53060"
},
{
"category": "external",
"summary": "SUSE Bug 1242241 for CVE-2023-53060",
"url": "https://bugzilla.suse.com/1242241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53060"
},
{
"cve": "CVE-2023-53062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: smsc95xx: Limit packet length to skb-\u003elen\n\nPacket length retrieved from descriptor may be larger than\nthe actual socket buffer length. In such case the cloned\nskb passed up the network stack will leak kernel memory contents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53062",
"url": "https://www.suse.com/security/cve/CVE-2023-53062"
},
{
"category": "external",
"summary": "SUSE Bug 1242228 for CVE-2023-53062",
"url": "https://bugzilla.suse.com/1242228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53062"
},
{
"cve": "CVE-2023-53066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info\n\nWe have to make sure that the info returned by the helper is valid\nbefore using it.\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE\nstatic analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53066",
"url": "https://www.suse.com/security/cve/CVE-2023-53066"
},
{
"category": "external",
"summary": "SUSE Bug 1242227 for CVE-2023-53066",
"url": "https://bugzilla.suse.com/1242227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53066"
},
{
"cve": "CVE-2023-53068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: lan78xx: Limit packet length to skb-\u003elen\n\nPacket length retrieved from descriptor may be larger than\nthe actual socket buffer length. In such case the cloned\nskb passed up the network stack will leak kernel memory contents.\n\nAdditionally prevent integer underflow when size is less than\nETH_FCS_LEN.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53068",
"url": "https://www.suse.com/security/cve/CVE-2023-53068"
},
{
"category": "external",
"summary": "SUSE Bug 1242239 for CVE-2023-53068",
"url": "https://bugzilla.suse.com/1242239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53068"
},
{
"cve": "CVE-2023-53075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix invalid address access in lookup_rec() when index is 0\n\nKASAN reported follow problem:\n\n BUG: KASAN: use-after-free in lookup_rec\n Read of size 8 at addr ffff000199270ff0 by task modprobe\n CPU: 2 Comm: modprobe\n Call trace:\n kasan_report\n __asan_load8\n lookup_rec\n ftrace_location\n arch_check_ftrace_location\n check_kprobe_address_safe\n register_kprobe\n\nWhen checking pg-\u003erecords[pg-\u003eindex - 1].ip in lookup_rec(), it can get a\npg which is newly added to ftrace_pages_start in ftrace_process_locs().\nBefore the first pg-\u003eindex++, index is 0 and accessing pg-\u003erecords[-1].ip\nwill cause this problem.\n\nDon\u0027t check the ip when pg-\u003eindex is 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53075",
"url": "https://www.suse.com/security/cve/CVE-2023-53075"
},
{
"category": "external",
"summary": "SUSE Bug 1242218 for CVE-2023-53075",
"url": "https://bugzilla.suse.com/1242218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53075"
},
{
"cve": "CVE-2023-53078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_dh_alua: Fix memleak for \u0027qdata\u0027 in alua_activate()\n\nIf alua_rtpg_queue() failed from alua_activate(), then \u0027qdata\u0027 is not\nfreed, which will cause following memleak:\n\nunreferenced object 0xffff88810b2c6980 (size 32):\n comm \"kworker/u16:2\", pid 635322, jiffies 4355801099 (age 1216426.076s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 40 39 24 c1 ff ff ff ff 00 f8 ea 0a 81 88 ff ff @9$.............\n backtrace:\n [\u003c0000000098f3a26d\u003e] alua_activate+0xb0/0x320\n [\u003c000000003b529641\u003e] scsi_dh_activate+0xb2/0x140\n [\u003c000000007b296db3\u003e] activate_path_work+0xc6/0xe0 [dm_multipath]\n [\u003c000000007adc9ace\u003e] process_one_work+0x3c5/0x730\n [\u003c00000000c457a985\u003e] worker_thread+0x93/0x650\n [\u003c00000000cb80e628\u003e] kthread+0x1ba/0x210\n [\u003c00000000a1e61077\u003e] ret_from_fork+0x22/0x30\n\nFix the problem by freeing \u0027qdata\u0027 in error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53078",
"url": "https://www.suse.com/security/cve/CVE-2023-53078"
},
{
"category": "external",
"summary": "SUSE Bug 1242231 for CVE-2023-53078",
"url": "https://bugzilla.suse.com/1242231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53078"
},
{
"cve": "CVE-2023-53079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix steering rules cleanup\n\nvport\u0027s mc, uc and multicast rules are not deleted in teardown path when\nEEH happens. Since the vport\u0027s promisc settings(uc, mc and all) in\nfirmware are reset after EEH, mlx5 driver will try to delete the above\nrules in the initialization path. This cause kernel crash because these\nsoftware rules are no longer valid.\n\nFix by nullifying these rules right after delete to avoid accessing any dangling\npointers.\n\nCall Trace:\n__list_del_entry_valid+0xcc/0x100 (unreliable)\ntree_put_node+0xf4/0x1b0 [mlx5_core]\ntree_remove_node+0x30/0x70 [mlx5_core]\nmlx5_del_flow_rules+0x14c/0x1f0 [mlx5_core]\nesw_apply_vport_rx_mode+0x10c/0x200 [mlx5_core]\nesw_update_vport_rx_mode+0xb4/0x180 [mlx5_core]\nesw_vport_change_handle_locked+0x1ec/0x230 [mlx5_core]\nesw_enable_vport+0x130/0x260 [mlx5_core]\nmlx5_eswitch_enable_sriov+0x2a0/0x2f0 [mlx5_core]\nmlx5_device_enable_sriov+0x74/0x440 [mlx5_core]\nmlx5_load_one+0x114c/0x1550 [mlx5_core]\nmlx5_pci_resume+0x68/0xf0 [mlx5_core]\neeh_report_resume+0x1a4/0x230\neeh_pe_dev_traverse+0x98/0x170\neeh_handle_normal_event+0x3e4/0x640\neeh_handle_event+0x4c/0x370\neeh_event_handler+0x14c/0x210\nkthread+0x168/0x1b0\nret_from_kernel_thread+0x5c/0x84",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53079",
"url": "https://www.suse.com/security/cve/CVE-2023-53079"
},
{
"category": "external",
"summary": "SUSE Bug 1242765 for CVE-2023-53079",
"url": "https://bugzilla.suse.com/1242765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53079"
},
{
"cve": "CVE-2023-53080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: Add missing overflow check in xdp_umem_reg\n\nThe number of chunks can overflow u32. Make sure to return -EINVAL on\noverflow. Also remove a redundant u32 cast assigning umem-\u003enpgs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53080",
"url": "https://www.suse.com/security/cve/CVE-2023-53080"
},
{
"category": "external",
"summary": "SUSE Bug 1242287 for CVE-2023-53080",
"url": "https://bugzilla.suse.com/1242287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53080"
},
{
"cve": "CVE-2023-53094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: fsl_lpuart: fix race on RX DMA shutdown\n\nFrom time to time DMA completion can come in the middle of DMA shutdown:\n\n\u003cprocess ctx\u003e:\t\t\t\t\u003cIRQ\u003e:\nlpuart32_shutdown()\n lpuart_dma_shutdown()\n del_timer_sync()\n\t\t\t\t\tlpuart_dma_rx_complete()\n\t\t\t\t\t lpuart_copy_rx_to_tty()\n\t\t\t\t\t mod_timer()\n lpuart_dma_rx_free()\n\nWhen the timer fires a bit later, sport-\u003edma_rx_desc is NULL:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000004\npc : lpuart_copy_rx_to_tty+0xcc/0x5bc\nlr : lpuart_timer_func+0x1c/0x2c\nCall trace:\n lpuart_copy_rx_to_tty\n lpuart_timer_func\n call_timer_fn\n __run_timers.part.0\n run_timer_softirq\n __do_softirq\n __irq_exit_rcu\n irq_exit\n handle_domain_irq\n gic_handle_irq\n call_on_irq_stack\n do_interrupt_handler\n ...\n\nTo fix this fold del_timer_sync() into lpuart_dma_rx_free() after\ndmaengine_terminate_sync() to make sure timer will not be re-started in\nlpuart_copy_rx_to_tty() \u003c= lpuart_dma_rx_complete().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53094",
"url": "https://www.suse.com/security/cve/CVE-2023-53094"
},
{
"category": "external",
"summary": "SUSE Bug 1242288 for CVE-2023-53094",
"url": "https://bugzilla.suse.com/1242288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53094"
},
{
"cve": "CVE-2023-53100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix WARNING in ext4_update_inline_data\n\nSyzbot found the following issue:\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none.\nfscrypt: AES-256-CTS-CBC using implementation \"cts-cbc-aes-aesni\"\nfscrypt: AES-256-XTS using implementation \"xts-aes-aesni\"\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 5071 at mm/page_alloc.c:5525 __alloc_pages+0x30a/0x560 mm/page_alloc.c:5525\nModules linked in:\nCPU: 1 PID: 5071 Comm: syz-executor263 Not tainted 6.2.0-rc1-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nRIP: 0010:__alloc_pages+0x30a/0x560 mm/page_alloc.c:5525\nRSP: 0018:ffffc90003c2f1c0 EFLAGS: 00010246\nRAX: ffffc90003c2f220 RBX: 0000000000000014 RCX: 0000000000000000\nRDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003c2f248\nRBP: ffffc90003c2f2d8 R08: dffffc0000000000 R09: ffffc90003c2f220\nR10: fffff52000785e49 R11: 1ffff92000785e44 R12: 0000000000040d40\nR13: 1ffff92000785e40 R14: dffffc0000000000 R15: 1ffff92000785e3c\nFS: 0000555556c0d300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f95d5e04138 CR3: 00000000793aa000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n __alloc_pages_node include/linux/gfp.h:237 [inline]\n alloc_pages_node include/linux/gfp.h:260 [inline]\n __kmalloc_large_node+0x95/0x1e0 mm/slab_common.c:1113\n __do_kmalloc_node mm/slab_common.c:956 [inline]\n __kmalloc+0xfe/0x190 mm/slab_common.c:981\n kmalloc include/linux/slab.h:584 [inline]\n kzalloc include/linux/slab.h:720 [inline]\n ext4_update_inline_data+0x236/0x6b0 fs/ext4/inline.c:346\n ext4_update_inline_dir fs/ext4/inline.c:1115 [inline]\n ext4_try_add_inline_entry+0x328/0x990 fs/ext4/inline.c:1307\n ext4_add_entry+0x5a4/0xeb0 fs/ext4/namei.c:2385\n ext4_add_nondir+0x96/0x260 fs/ext4/namei.c:2772\n ext4_create+0x36c/0x560 fs/ext4/namei.c:2817\n lookup_open fs/namei.c:3413 [inline]\n open_last_lookups fs/namei.c:3481 [inline]\n path_openat+0x12ac/0x2dd0 fs/namei.c:3711\n do_filp_open+0x264/0x4f0 fs/namei.c:3741\n do_sys_openat2+0x124/0x4e0 fs/open.c:1310\n do_sys_open fs/open.c:1326 [inline]\n __do_sys_openat fs/open.c:1342 [inline]\n __se_sys_openat fs/open.c:1337 [inline]\n __x64_sys_openat+0x243/0x290 fs/open.c:1337\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nAbove issue happens as follows:\next4_iget\n ext4_find_inline_data_nolock -\u003ei_inline_off=164 i_inline_size=60\next4_try_add_inline_entry\n __ext4_mark_inode_dirty\n ext4_expand_extra_isize_ea -\u003ei_extra_isize=32 s_want_extra_isize=44\n ext4_xattr_shift_entries\n\t -\u003eafter shift i_inline_off is incorrect, actually is change to 176\next4_try_add_inline_entry\n ext4_update_inline_dir\n get_max_inline_xattr_value_size\n if (EXT4_I(inode)-\u003ei_inline_off)\n\tentry = (struct ext4_xattr_entry *)((void *)raw_inode +\n\t\t\tEXT4_I(inode)-\u003ei_inline_off);\n free += EXT4_XATTR_SIZE(le32_to_cpu(entry-\u003ee_value_size));\n\t-\u003eAs entry is incorrect, then \u0027free\u0027 may be negative\n ext4_update_inline_data\n value = kzalloc(len, GFP_NOFS);\n -\u003e len is unsigned int, maybe very large, then trigger warning when\n \u0027kzalloc()\u0027\n\nTo resolve the above issue we need to update \u0027i_inline_off\u0027 after\n\u0027ext4_xattr_shift_entries()\u0027. We do not need to set\nEXT4_STATE_MAY_INLINE_DATA flag here, since ext4_mark_inode_dirty()\nalready sets this flag if needed. Setting EXT4_STATE_MAY_INLINE_DATA\nwhen it is needed may trigger a BUG_ON in ext4_writepages().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53100",
"url": "https://www.suse.com/security/cve/CVE-2023-53100"
},
{
"category": "external",
"summary": "SUSE Bug 1242790 for CVE-2023-53100",
"url": "https://bugzilla.suse.com/1242790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53100"
},
{
"cve": "CVE-2023-53101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: zero i_disksize when initializing the bootloader inode\n\nIf the boot loader inode has never been used before, the\nEXT4_IOC_SWAP_BOOT inode will initialize it, including setting the\ni_size to 0. However, if the \"never before used\" boot loader has a\nnon-zero i_size, then i_disksize will be non-zero, and the\ninconsistency between i_size and i_disksize can trigger a kernel\nwarning:\n\n WARNING: CPU: 0 PID: 2580 at fs/ext4/file.c:319\n CPU: 0 PID: 2580 Comm: bb Not tainted 6.3.0-rc1-00004-g703695902cfa\n RIP: 0010:ext4_file_write_iter+0xbc7/0xd10\n Call Trace:\n vfs_write+0x3b1/0x5c0\n ksys_write+0x77/0x160\n __x64_sys_write+0x22/0x30\n do_syscall_64+0x39/0x80\n\nReproducer:\n 1. create corrupted image and mount it:\n mke2fs -t ext4 /tmp/foo.img 200\n debugfs -wR \"sif \u003c5\u003e size 25700\" /tmp/foo.img\n mount -t ext4 /tmp/foo.img /mnt\n cd /mnt\n echo 123 \u003e file\n 2. Run the reproducer program:\n posix_memalign(\u0026buf, 1024, 1024)\n fd = open(\"file\", O_RDWR | O_DIRECT);\n ioctl(fd, EXT4_IOC_SWAP_BOOT);\n write(fd, buf, 1024);\n\nFix this by setting i_disksize as well as i_size to zero when\ninitiaizing the boot loader inode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53101",
"url": "https://www.suse.com/security/cve/CVE-2023-53101"
},
{
"category": "external",
"summary": "SUSE Bug 1242791 for CVE-2023-53101",
"url": "https://bugzilla.suse.com/1242791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53101"
},
{
"cve": "CVE-2023-53103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: restore bond\u0027s IFF_SLAVE flag if a non-eth dev enslave fails\n\nsyzbot reported a warning[1] where the bond device itself is a slave and\nwe try to enslave a non-ethernet device as the first slave which fails\nbut then in the error path when ether_setup() restores the bond device\nit also clears all flags. In my previous fix[2] I restored the\nIFF_MASTER flag, but I didn\u0027t consider the case that the bond device\nitself might also be a slave with IFF_SLAVE set, so we need to restore\nthat flag as well. Use the bond_ether_setup helper which does the right\nthing and restores the bond\u0027s flags properly.\n\nSteps to reproduce using a nlmon dev:\n $ ip l add nlmon0 type nlmon\n $ ip l add bond1 type bond\n $ ip l add bond2 type bond\n $ ip l set bond1 master bond2\n $ ip l set dev nlmon0 master bond1\n $ ip -d l sh dev bond1\n 22: bond1: \u003cBROADCAST,MULTICAST,MASTER\u003e mtu 1500 qdisc noqueue master bond2 state DOWN mode DEFAULT group default qlen 1000\n (now bond1\u0027s IFF_SLAVE flag is gone and we\u0027ll hit a warning[3] if we\n try to delete it)\n\n[1] https://syzkaller.appspot.com/bug?id=391c7b1f6522182899efba27d891f1743e8eb3ef\n[2] commit 7d5cd2ce5292 (\"bonding: correctly handle bonding type change on enslave failure\")\n[3] example warning:\n [ 27.008664] bond1: (slave nlmon0): The slave device specified does not support setting the MAC address\n [ 27.008692] bond1: (slave nlmon0): Error -95 calling set_mac_address\n [ 32.464639] bond1 (unregistering): Released all slaves\n [ 32.464685] ------------[ cut here ]------------\n [ 32.464686] WARNING: CPU: 1 PID: 2004 at net/core/dev.c:10829 unregister_netdevice_many+0x72a/0x780\n [ 32.464694] Modules linked in: br_netfilter bridge bonding virtio_net\n [ 32.464699] CPU: 1 PID: 2004 Comm: ip Kdump: loaded Not tainted 5.18.0-rc3+ #47\n [ 32.464703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.1-2.fc37 04/01/2014\n [ 32.464704] RIP: 0010:unregister_netdevice_many+0x72a/0x780\n [ 32.464707] Code: 99 fd ff ff ba 90 1a 00 00 48 c7 c6 f4 02 66 96 48 c7 c7 20 4d 35 96 c6 05 fa c7 2b 02 01 e8 be 6f 4a 00 0f 0b e9 73 fd ff ff \u003c0f\u003e 0b e9 5f fd ff ff 80 3d e3 c7 2b 02 00 0f 85 3b fd ff ff ba 59\n [ 32.464710] RSP: 0018:ffffa006422d7820 EFLAGS: 00010206\n [ 32.464712] RAX: ffff8f6e077140a0 RBX: ffffa006422d7888 RCX: 0000000000000000\n [ 32.464714] RDX: ffff8f6e12edbe58 RSI: 0000000000000296 RDI: ffffffff96d4a520\n [ 32.464716] RBP: ffff8f6e07714000 R08: ffffffff96d63600 R09: ffffa006422d7728\n [ 32.464717] R10: 0000000000000ec0 R11: ffffffff9698c988 R12: ffff8f6e12edb140\n [ 32.464719] R13: dead000000000122 R14: dead000000000100 R15: ffff8f6e12edb140\n [ 32.464723] FS: 00007f297c2f1740(0000) GS:ffff8f6e5d900000(0000) knlGS:0000000000000000\n [ 32.464725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 32.464726] CR2: 00007f297bf1c800 CR3: 00000000115e8000 CR4: 0000000000350ee0\n [ 32.464730] Call Trace:\n [ 32.464763] \u003cTASK\u003e\n [ 32.464767] rtnl_dellink+0x13e/0x380\n [ 32.464776] ? cred_has_capability.isra.0+0x68/0x100\n [ 32.464780] ? __rtnl_unlock+0x33/0x60\n [ 32.464783] ? bpf_lsm_capset+0x10/0x10\n [ 32.464786] ? security_capable+0x36/0x50\n [ 32.464790] rtnetlink_rcv_msg+0x14e/0x3b0\n [ 32.464792] ? _copy_to_iter+0xb1/0x790\n [ 32.464796] ? post_alloc_hook+0xa0/0x160\n [ 32.464799] ? rtnl_calcit.isra.0+0x110/0x110\n [ 32.464802] netlink_rcv_skb+0x50/0xf0\n [ 32.464806] netlink_unicast+0x216/0x340\n [ 32.464809] netlink_sendmsg+0x23f/0x480\n [ 32.464812] sock_sendmsg+0x5e/0x60\n [ 32.464815] ____sys_sendmsg+0x22c/0x270\n [ 32.464818] ? import_iovec+0x17/0x20\n [ 32.464821] ? sendmsg_copy_msghdr+0x59/0x90\n [ 32.464823] ? do_set_pte+0xa0/0xe0\n [ 32.464828] ___sys_sendmsg+0x81/0xc0\n [ 32.464832] ? mod_objcg_state+0xc6/0x300\n [ 32.464835] ? refill_obj_stock+0xa9/0x160\n [ 32.464838] ? memcg_slab_free_hook+0x1a5/0x1f0\n [ 32.464842] __sys_sendm\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53103",
"url": "https://www.suse.com/security/cve/CVE-2023-53103"
},
{
"category": "external",
"summary": "SUSE Bug 1242408 for CVE-2023-53103",
"url": "https://bugzilla.suse.com/1242408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53103"
},
{
"cve": "CVE-2023-53106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: st-nci: Fix use after free bug in ndlc_remove due to race condition\n\nThis bug influences both st_nci_i2c_remove and st_nci_spi_remove.\nTake st_nci_i2c_remove as an example.\n\nIn st_nci_i2c_probe, it called ndlc_probe and bound \u0026ndlc-\u003esm_work\nwith llt_ndlc_sm_work.\n\nWhen it calls ndlc_recv or timeout handler, it will finally call\nschedule_work to start the work.\n\nWhen we call st_nci_i2c_remove to remove the driver, there\nmay be a sequence as follows:\n\nFix it by finishing the work before cleanup in ndlc_remove\n\nCPU0 CPU1\n\n |llt_ndlc_sm_work\nst_nci_i2c_remove |\n ndlc_remove |\n st_nci_remove |\n nci_free_device|\n kfree(ndev) |\n//free ndlc-\u003endev |\n |llt_ndlc_rcv_queue\n |nci_recv_frame\n |//use ndlc-\u003endev",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53106",
"url": "https://www.suse.com/security/cve/CVE-2023-53106"
},
{
"category": "external",
"summary": "SUSE Bug 1242215 for CVE-2023-53106",
"url": "https://bugzilla.suse.com/1242215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53106"
},
{
"cve": "CVE-2023-53108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/iucv: Fix size of interrupt data\n\niucv_irq_data needs to be 4 bytes larger.\nThese bytes are not used by the iucv module, but written by\nthe z/VM hypervisor in case a CPU is deconfigured.\n\nReported as:\nBUG dma-kmalloc-64 (Not tainted): kmalloc Redzone overwritten\n-----------------------------------------------------------------------------\n0x0000000000400564-0x0000000000400567 @offset=1380. First byte 0x80 instead of 0xcc\nAllocated in iucv_cpu_prepare+0x44/0xd0 age=167839 cpu=2 pid=1\n__kmem_cache_alloc_node+0x166/0x450\nkmalloc_node_trace+0x3a/0x70\niucv_cpu_prepare+0x44/0xd0\ncpuhp_invoke_callback+0x156/0x2f0\ncpuhp_issue_call+0xf0/0x298\n__cpuhp_setup_state_cpuslocked+0x136/0x338\n__cpuhp_setup_state+0xf4/0x288\niucv_init+0xf4/0x280\ndo_one_initcall+0x78/0x390\ndo_initcalls+0x11a/0x140\nkernel_init_freeable+0x25e/0x2a0\nkernel_init+0x2e/0x170\n__ret_from_fork+0x3c/0x58\nret_from_fork+0xa/0x40\nFreed in iucv_init+0x92/0x280 age=167839 cpu=2 pid=1\n__kmem_cache_free+0x308/0x358\niucv_init+0x92/0x280\ndo_one_initcall+0x78/0x390\ndo_initcalls+0x11a/0x140\nkernel_init_freeable+0x25e/0x2a0\nkernel_init+0x2e/0x170\n__ret_from_fork+0x3c/0x58\nret_from_fork+0xa/0x40\nSlab 0x0000037200010000 objects=32 used=30 fp=0x0000000000400640 flags=0x1ffff00000010200(slab|head|node=0|zone=0|\nObject 0x0000000000400540 @offset=1344 fp=0x0000000000000000\nRedzone 0000000000400500: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nRedzone 0000000000400510: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nRedzone 0000000000400520: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nRedzone 0000000000400530: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nObject 0000000000400540: 00 01 00 03 00 00 00 00 00 00 00 00 00 00 00 00 ................\nObject 0000000000400550: f3 86 81 f2 f4 82 f8 82 f0 f0 f0 f0 f0 f0 f0 f2 ................\nObject 0000000000400560: 00 00 00 00 80 00 00 00 cc cc cc cc cc cc cc cc ................\nObject 0000000000400570: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc ................\nRedzone 0000000000400580: cc cc cc cc cc cc cc cc ........\nPadding 00000000004005d4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ\nPadding 00000000004005e4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ\nPadding 00000000004005f4: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ\nCPU: 6 PID: 121030 Comm: 116-pai-crypto. Not tainted 6.3.0-20230221.rc0.git4.99b8246b2d71.300.fc37.s390x+debug #1\nHardware name: IBM 3931 A01 704 (z/VM 7.3.0)\nCall Trace:\n[\u003c000000032aa034ec\u003e] dump_stack_lvl+0xac/0x100\n[\u003c0000000329f5a6cc\u003e] check_bytes_and_report+0x104/0x140\n[\u003c0000000329f5aa78\u003e] check_object+0x370/0x3c0\n[\u003c0000000329f5ede6\u003e] free_debug_processing+0x15e/0x348\n[\u003c0000000329f5f06a\u003e] free_to_partial_list+0x9a/0x2f0\n[\u003c0000000329f5f4a4\u003e] __slab_free+0x1e4/0x3a8\n[\u003c0000000329f61768\u003e] __kmem_cache_free+0x308/0x358\n[\u003c000000032a91465c\u003e] iucv_cpu_dead+0x6c/0x88\n[\u003c0000000329c2fc66\u003e] cpuhp_invoke_callback+0x156/0x2f0\n[\u003c000000032aa062da\u003e] _cpu_down.constprop.0+0x22a/0x5e0\n[\u003c0000000329c3243e\u003e] cpu_device_down+0x4e/0x78\n[\u003c000000032a61dee0\u003e] device_offline+0xc8/0x118\n[\u003c000000032a61e048\u003e] online_store+0x60/0xe0\n[\u003c000000032a08b6b0\u003e] kernfs_fop_write_iter+0x150/0x1e8\n[\u003c0000000329fab65c\u003e] vfs_write+0x174/0x360\n[\u003c0000000329fab9fc\u003e] ksys_write+0x74/0x100\n[\u003c000000032aa03a5a\u003e] __do_syscall+0x1da/0x208\n[\u003c000000032aa177b2\u003e] system_call+0x82/0xb0\nINFO: lockdep is turned off.\nFIX dma-kmalloc-64: Restoring kmalloc Redzone 0x0000000000400564-0x0000000000400567=0xcc\nFIX dma-kmalloc-64: Object at 0x0000000000400540 not freed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53108",
"url": "https://www.suse.com/security/cve/CVE-2023-53108"
},
{
"category": "external",
"summary": "SUSE Bug 1242422 for CVE-2023-53108",
"url": "https://bugzilla.suse.com/1242422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53108"
},
{
"cve": "CVE-2023-53109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tunnels: annotate lockless accesses to dev-\u003eneeded_headroom\n\nIP tunnels can apparently update dev-\u003eneeded_headroom\nin their xmit path.\n\nThis patch takes care of three tunnels xmit, and also the\ncore LL_RESERVED_SPACE() and LL_RESERVED_SPACE_EXTRA()\nhelpers.\n\nMore changes might be needed for completeness.\n\nBUG: KCSAN: data-race in ip_tunnel_xmit / ip_tunnel_xmit\n\nread to 0xffff88815b9da0ec of 2 bytes by task 888 on cpu 1:\nip_tunnel_xmit+0x1270/0x1730 net/ipv4/ip_tunnel.c:803\n__gre_xmit net/ipv4/ip_gre.c:469 [inline]\nipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661\n__netdev_start_xmit include/linux/netdevice.h:4881 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4895 [inline]\nxmit_one net/core/dev.c:3580 [inline]\ndev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596\n__dev_queue_xmit+0x1007/0x1eb0 net/core/dev.c:4246\ndev_queue_xmit include/linux/netdevice.h:3051 [inline]\nneigh_direct_output+0x17/0x20 net/core/neighbour.c:1623\nneigh_output include/net/neighbour.h:546 [inline]\nip_finish_output2+0x740/0x840 net/ipv4/ip_output.c:228\nip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:316\nNF_HOOK_COND include/linux/netfilter.h:291 [inline]\nip_output+0xe5/0x1b0 net/ipv4/ip_output.c:430\ndst_output include/net/dst.h:444 [inline]\nip_local_out+0x64/0x80 net/ipv4/ip_output.c:126\niptunnel_xmit+0x34a/0x4b0 net/ipv4/ip_tunnel_core.c:82\nip_tunnel_xmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813\n__gre_xmit net/ipv4/ip_gre.c:469 [inline]\nipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661\n__netdev_start_xmit include/linux/netdevice.h:4881 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4895 [inline]\nxmit_one net/core/dev.c:3580 [inline]\ndev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596\n__dev_queue_xmit+0x1007/0x1eb0 net/core/dev.c:4246\ndev_queue_xmit include/linux/netdevice.h:3051 [inline]\nneigh_direct_output+0x17/0x20 net/core/neighbour.c:1623\nneigh_output include/net/neighbour.h:546 [inline]\nip_finish_output2+0x740/0x840 net/ipv4/ip_output.c:228\nip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:316\nNF_HOOK_COND include/linux/netfilter.h:291 [inline]\nip_output+0xe5/0x1b0 net/ipv4/ip_output.c:430\ndst_output include/net/dst.h:444 [inline]\nip_local_out+0x64/0x80 net/ipv4/ip_output.c:126\niptunnel_xmit+0x34a/0x4b0 net/ipv4/ip_tunnel_core.c:82\nip_tunnel_xmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813\n__gre_xmit net/ipv4/ip_gre.c:469 [inline]\nipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661\n__netdev_start_xmit include/linux/netdevice.h:4881 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4895 [inline]\nxmit_one net/core/dev.c:3580 [inline]\ndev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596\n__dev_queue_xmit+0x1007/0x1eb0 net/core/dev.c:4246\ndev_queue_xmit include/linux/netdevice.h:3051 [inline]\nneigh_direct_output+0x17/0x20 net/core/neighbour.c:1623\nneigh_output include/net/neighbour.h:546 [inline]\nip_finish_output2+0x740/0x840 net/ipv4/ip_output.c:228\nip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:316\nNF_HOOK_COND include/linux/netfilter.h:291 [inline]\nip_output+0xe5/0x1b0 net/ipv4/ip_output.c:430\ndst_output include/net/dst.h:444 [inline]\nip_local_out+0x64/0x80 net/ipv4/ip_output.c:126\niptunnel_xmit+0x34a/0x4b0 net/ipv4/ip_tunnel_core.c:82\nip_tunnel_xmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813\n__gre_xmit net/ipv4/ip_gre.c:469 [inline]\nipgre_xmit+0x516/0x570 net/ipv4/ip_gre.c:661\n__netdev_start_xmit include/linux/netdevice.h:4881 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4895 [inline]\nxmit_one net/core/dev.c:3580 [inline]\ndev_hard_start_xmit+0x127/0x400 net/core/dev.c:3596\n__dev_queue_xmit+0x1007/0x1eb0 net/core/dev.c:4246\ndev_queue_xmit include/linux/netdevice.h:3051 [inline]\nneigh_direct_output+0x17/0x20 net/core/neighbour.c:1623\nneigh_output include/net/neighbour.h:546 [inline]\nip_finish_output2+0x740/0x840 net/ipv4/ip_output.c:228\nip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:316\nNF_HOOK_COND include/linux/netfilter.h:291 [inline]\nip_output+0xe5/0x1b0 net/i\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53109",
"url": "https://www.suse.com/security/cve/CVE-2023-53109"
},
{
"category": "external",
"summary": "SUSE Bug 1242405 for CVE-2023-53109",
"url": "https://bugzilla.suse.com/1242405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53109"
},
{
"cve": "CVE-2023-53114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix kernel crash during reboot when adapter is in recovery mode\n\nIf the driver detects during probe that firmware is in recovery\nmode then i40e_init_recovery_mode() is called and the rest of\nprobe function is skipped including pci_set_drvdata(). Subsequent\ni40e_shutdown() called during shutdown/reboot dereferences NULL\npointer as pci_get_drvdata() returns NULL.\n\nTo fix call pci_set_drvdata() also during entering to recovery mode.\n\nReproducer:\n1) Lets have i40e NIC with firmware in recovery mode\n2) Run reboot\n\nResult:\n[ 139.084698] i40e: Intel(R) Ethernet Connection XL710 Network Driver\n[ 139.090959] i40e: Copyright (c) 2013 - 2019 Intel Corporation.\n[ 139.108438] i40e 0000:02:00.0: Firmware recovery mode detected. Limiting functionality.\n[ 139.116439] i40e 0000:02:00.0: Refer to the Intel(R) Ethernet Adapters and Devices User Guide for details on firmware recovery mode.\n[ 139.129499] i40e 0000:02:00.0: fw 8.3.64775 api 1.13 nvm 8.30 0x8000b78d 1.3106.0 [8086:1583] [15d9:084a]\n[ 139.215932] i40e 0000:02:00.0 enp2s0f0: renamed from eth0\n[ 139.223292] i40e 0000:02:00.1: Firmware recovery mode detected. Limiting functionality.\n[ 139.231292] i40e 0000:02:00.1: Refer to the Intel(R) Ethernet Adapters and Devices User Guide for details on firmware recovery mode.\n[ 139.244406] i40e 0000:02:00.1: fw 8.3.64775 api 1.13 nvm 8.30 0x8000b78d 1.3106.0 [8086:1583] [15d9:084a]\n[ 139.329209] i40e 0000:02:00.1 enp2s0f1: renamed from eth0\n...\n[ 156.311376] BUG: kernel NULL pointer dereference, address: 00000000000006c2\n[ 156.318330] #PF: supervisor write access in kernel mode\n[ 156.323546] #PF: error_code(0x0002) - not-present page\n[ 156.328679] PGD 0 P4D 0\n[ 156.331210] Oops: 0002 [#1] PREEMPT SMP NOPTI\n[ 156.335567] CPU: 26 PID: 15119 Comm: reboot Tainted: G E 6.2.0+ #1\n[ 156.343126] Hardware name: Abacus electric, s.r.o. - servis@abacus.cz Super Server/H12SSW-iN, BIOS 2.4 04/13/2022\n[ 156.353369] RIP: 0010:i40e_shutdown+0x15/0x130 [i40e]\n[ 156.358430] Code: c1 fc ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 55 48 89 fd 53 48 8b 9f 48 01 00 00 \u003cf0\u003e 80 8b c2 06 00 00 04 f0 80 8b c0 06 00 00 08 48 8d bb 08 08 00\n[ 156.377168] RSP: 0018:ffffb223c8447d90 EFLAGS: 00010282\n[ 156.382384] RAX: ffffffffc073ee70 RBX: 0000000000000000 RCX: 0000000000000001\n[ 156.389510] RDX: 0000000080000001 RSI: 0000000000000246 RDI: ffff95db49988000\n[ 156.396634] RBP: ffff95db49988000 R08: ffffffffffffffff R09: ffffffff8bd17d40\n[ 156.403759] R10: 0000000000000001 R11: ffffffff8a5e3d28 R12: ffff95db49988000\n[ 156.410882] R13: ffffffff89a6fe17 R14: ffff95db49988150 R15: 0000000000000000\n[ 156.418007] FS: 00007fe7c0cc3980(0000) GS:ffff95ea8ee80000(0000) knlGS:0000000000000000\n[ 156.426083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 156.431819] CR2: 00000000000006c2 CR3: 00000003092fc005 CR4: 0000000000770ee0\n[ 156.438944] PKRU: 55555554\n[ 156.441647] Call Trace:\n[ 156.444096] \u003cTASK\u003e\n[ 156.446199] pci_device_shutdown+0x38/0x60\n[ 156.450297] device_shutdown+0x163/0x210\n[ 156.454215] kernel_restart+0x12/0x70\n[ 156.457872] __do_sys_reboot+0x1ab/0x230\n[ 156.461789] ? vfs_writev+0xa6/0x1a0\n[ 156.465362] ? __pfx_file_free_rcu+0x10/0x10\n[ 156.469635] ? __call_rcu_common.constprop.85+0x109/0x5a0\n[ 156.475034] do_syscall_64+0x3e/0x90\n[ 156.478611] entry_SYSCALL_64_after_hwframe+0x72/0xdc\n[ 156.483658] RIP: 0033:0x7fe7bff37ab7",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53114",
"url": "https://www.suse.com/security/cve/CVE-2023-53114"
},
{
"category": "external",
"summary": "SUSE Bug 1242398 for CVE-2023-53114",
"url": "https://bugzilla.suse.com/1242398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53114"
},
{
"cve": "CVE-2023-53119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: pn533: initialize struct pn533_out_arg properly\n\nstruct pn533_out_arg used as a temporary context for out_urb is not\ninitialized properly. Its uninitialized \u0027phy\u0027 field can be dereferenced in\nerror cases inside pn533_out_complete() callback function. It causes the\nfollowing failure:\n\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.2.0-rc3-next-20230110-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nRIP: 0010:pn533_out_complete.cold+0x15/0x44 drivers/nfc/pn533/usb.c:441\nCall Trace:\n \u003cIRQ\u003e\n __usb_hcd_giveback_urb+0x2b6/0x5c0 drivers/usb/core/hcd.c:1671\n usb_hcd_giveback_urb+0x384/0x430 drivers/usb/core/hcd.c:1754\n dummy_timer+0x1203/0x32d0 drivers/usb/gadget/udc/dummy_hcd.c:1988\n call_timer_fn+0x1da/0x800 kernel/time/timer.c:1700\n expire_timers+0x234/0x330 kernel/time/timer.c:1751\n __run_timers kernel/time/timer.c:2022 [inline]\n __run_timers kernel/time/timer.c:1995 [inline]\n run_timer_softirq+0x326/0x910 kernel/time/timer.c:2035\n __do_softirq+0x1fb/0xaf6 kernel/softirq.c:571\n invoke_softirq kernel/softirq.c:445 [inline]\n __irq_exit_rcu+0x123/0x180 kernel/softirq.c:650\n irq_exit_rcu+0x9/0x20 kernel/softirq.c:662\n sysvec_apic_timer_interrupt+0x97/0xc0 arch/x86/kernel/apic/apic.c:1107\n\nInitialize the field with the pn533_usb_phy currently used.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53119",
"url": "https://www.suse.com/security/cve/CVE-2023-53119"
},
{
"category": "external",
"summary": "SUSE Bug 1242370 for CVE-2023-53119",
"url": "https://bugzilla.suse.com/1242370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53119"
},
{
"cve": "CVE-2023-53121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53121"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: tcp_make_synack() can be called from process context\n\ntcp_rtx_synack() now could be called in process context as explained in\n0a375c822497 (\"tcp: tcp_rtx_synack() can be called from process\ncontext\").\n\ntcp_rtx_synack() might call tcp_make_synack(), which will touch per-CPU\nvariables with preemption enabled. This causes the following BUG:\n\n BUG: using __this_cpu_add() in preemptible [00000000] code: ThriftIO1/5464\n caller is tcp_make_synack+0x841/0xac0\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x10d/0x1a0\n check_preemption_disabled+0x104/0x110\n tcp_make_synack+0x841/0xac0\n tcp_v6_send_synack+0x5c/0x450\n tcp_rtx_synack+0xeb/0x1f0\n inet_rtx_syn_ack+0x34/0x60\n tcp_check_req+0x3af/0x9e0\n tcp_rcv_state_process+0x59b/0x2030\n tcp_v6_do_rcv+0x5f5/0x700\n release_sock+0x3a/0xf0\n tcp_sendmsg+0x33/0x40\n ____sys_sendmsg+0x2f2/0x490\n __sys_sendmsg+0x184/0x230\n do_syscall_64+0x3d/0x90\n\nAvoid calling __TCP_INC_STATS() with will touch per-cpu variables. Use\nTCP_INC_STATS() which is safe to be called from context switch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53121",
"url": "https://www.suse.com/security/cve/CVE-2023-53121"
},
{
"category": "external",
"summary": "SUSE Bug 1242225 for CVE-2023-53121",
"url": "https://bugzilla.suse.com/1242225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53121"
},
{
"cve": "CVE-2023-53124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()\n\nPort is allocated by sas_port_alloc_num() and rphy is allocated by either\nsas_end_device_alloc() or sas_expander_alloc(), all of which may return\nNULL. So we need to check the rphy to avoid possible NULL pointer access.\n\nIf sas_rphy_add() returned with failure, rphy is set to NULL. We would\naccess the rphy in the following lines which would also result NULL pointer\naccess.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53124",
"url": "https://www.suse.com/security/cve/CVE-2023-53124"
},
{
"category": "external",
"summary": "SUSE Bug 1242165 for CVE-2023-53124",
"url": "https://bugzilla.suse.com/1242165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53124"
},
{
"cve": "CVE-2023-53125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: smsc75xx: Limit packet length to skb-\u003elen\n\nPacket length retrieved from skb data may be larger than\nthe actual socket buffer length (up to 9026 bytes). In such\ncase the cloned skb passed up the network stack will leak\nkernel memory contents.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53125",
"url": "https://www.suse.com/security/cve/CVE-2023-53125"
},
{
"category": "external",
"summary": "SUSE Bug 1242285 for CVE-2023-53125",
"url": "https://bugzilla.suse.com/1242285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53125"
},
{
"cve": "CVE-2023-53131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix a server shutdown leak\n\nFix a race where kthread_stop() may prevent the threadfn from ever getting\ncalled. If that happens the svc_rqst will not be cleaned up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53131",
"url": "https://www.suse.com/security/cve/CVE-2023-53131"
},
{
"category": "external",
"summary": "SUSE Bug 1242377 for CVE-2023-53131",
"url": "https://bugzilla.suse.com/1242377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53131"
},
{
"cve": "CVE-2023-53139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties\n\ndevm_kmalloc_array may fails, *fw_vsc_cfg might be null and cause\nout-of-bounds write in device_property_read_u8_array later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53139",
"url": "https://www.suse.com/security/cve/CVE-2023-53139"
},
{
"category": "external",
"summary": "SUSE Bug 1242361 for CVE-2023-53139",
"url": "https://bugzilla.suse.com/1242361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53139"
},
{
"cve": "CVE-2023-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Remove the /proc/scsi/${proc_name} directory earlier\n\nRemove the /proc/scsi/${proc_name} directory earlier to fix a race\ncondition between unloading and reloading kernel modules. This fixes a bug\nintroduced in 2009 by commit 77c019768f06 (\"[SCSI] fix /proc memory leak in\nthe SCSI core\").\n\nFix the following kernel warning:\n\nproc_dir_entry \u0027scsi/scsi_debug\u0027 already registered\nWARNING: CPU: 19 PID: 27986 at fs/proc/generic.c:376 proc_register+0x27d/0x2e0\nCall Trace:\n proc_mkdir+0xb5/0xe0\n scsi_proc_hostdir_add+0xb5/0x170\n scsi_host_alloc+0x683/0x6c0\n sdebug_driver_probe+0x6b/0x2d0 [scsi_debug]\n really_probe+0x159/0x540\n __driver_probe_device+0xdc/0x230\n driver_probe_device+0x4f/0x120\n __device_attach_driver+0xef/0x180\n bus_for_each_drv+0xe5/0x130\n __device_attach+0x127/0x290\n device_initial_probe+0x17/0x20\n bus_probe_device+0x110/0x130\n device_add+0x673/0xc80\n device_register+0x1e/0x30\n sdebug_add_host_helper+0x1a7/0x3b0 [scsi_debug]\n scsi_debug_init+0x64f/0x1000 [scsi_debug]\n do_one_initcall+0xd7/0x470\n do_init_module+0xe7/0x330\n load_module+0x122a/0x12c0\n __do_sys_finit_module+0x124/0x1a0\n __x64_sys_finit_module+0x46/0x50\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x46/0xb0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53140",
"url": "https://www.suse.com/security/cve/CVE-2023-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1242372 for CVE-2023-53140",
"url": "https://bugzilla.suse.com/1242372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53140"
},
{
"cve": "CVE-2023-53141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53141"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()\n\nila_xlat_nl_cmd_get_mapping() generates an empty skb,\ntriggerring a recent sanity check [1].\n\nInstead, return an error code, so that user space\ncan get it.\n\n[1]\nskb_assert_len\nWARNING: CPU: 0 PID: 5923 at include/linux/skbuff.h:2527 skb_assert_len include/linux/skbuff.h:2527 [inline]\nWARNING: CPU: 0 PID: 5923 at include/linux/skbuff.h:2527 __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156\nModules linked in:\nCPU: 0 PID: 5923 Comm: syz-executor269 Not tainted 6.2.0-syzkaller-18300-g2ebd1fbb946d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_assert_len include/linux/skbuff.h:2527 [inline]\npc : __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156\nlr : skb_assert_len include/linux/skbuff.h:2527 [inline]\nlr : __dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156\nsp : ffff80001e0d6c40\nx29: ffff80001e0d6e60 x28: dfff800000000000 x27: ffff0000c86328c0\nx26: dfff800000000000 x25: ffff0000c8632990 x24: ffff0000c8632a00\nx23: 0000000000000000 x22: 1fffe000190c6542 x21: ffff0000c8632a10\nx20: ffff0000c8632a00 x19: ffff80001856e000 x18: ffff80001e0d5fc0\nx17: 0000000000000000 x16: ffff80001235d16c x15: 0000000000000000\nx14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000001\nx11: ff80800008353a30 x10: 0000000000000000 x9 : 21567eaf25bfb600\nx8 : 21567eaf25bfb600 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff80001e0d6558 x4 : ffff800015c74760 x3 : ffff800008596744\nx2 : 0000000000000001 x1 : 0000000100000000 x0 : 000000000000000e\nCall trace:\nskb_assert_len include/linux/skbuff.h:2527 [inline]\n__dev_queue_xmit+0x1bc0/0x3488 net/core/dev.c:4156\ndev_queue_xmit include/linux/netdevice.h:3033 [inline]\n__netlink_deliver_tap_skb net/netlink/af_netlink.c:307 [inline]\n__netlink_deliver_tap+0x45c/0x6f8 net/netlink/af_netlink.c:325\nnetlink_deliver_tap+0xf4/0x174 net/netlink/af_netlink.c:338\n__netlink_sendskb net/netlink/af_netlink.c:1283 [inline]\nnetlink_sendskb+0x6c/0x154 net/netlink/af_netlink.c:1292\nnetlink_unicast+0x334/0x8d4 net/netlink/af_netlink.c:1380\nnlmsg_unicast include/net/netlink.h:1099 [inline]\ngenlmsg_unicast include/net/genetlink.h:433 [inline]\ngenlmsg_reply include/net/genetlink.h:443 [inline]\nila_xlat_nl_cmd_get_mapping+0x620/0x7d0 net/ipv6/ila/ila_xlat.c:493\ngenl_family_rcv_msg_doit net/netlink/genetlink.c:968 [inline]\ngenl_family_rcv_msg net/netlink/genetlink.c:1048 [inline]\ngenl_rcv_msg+0x938/0xc1c net/netlink/genetlink.c:1065\nnetlink_rcv_skb+0x214/0x3c4 net/netlink/af_netlink.c:2574\ngenl_rcv+0x38/0x50 net/netlink/genetlink.c:1076\nnetlink_unicast_kernel net/netlink/af_netlink.c:1339 [inline]\nnetlink_unicast+0x660/0x8d4 net/netlink/af_netlink.c:1365\nnetlink_sendmsg+0x800/0xae0 net/netlink/af_netlink.c:1942\nsock_sendmsg_nosec net/socket.c:714 [inline]\nsock_sendmsg net/socket.c:734 [inline]\n____sys_sendmsg+0x558/0x844 net/socket.c:2479\n___sys_sendmsg net/socket.c:2533 [inline]\n__sys_sendmsg+0x26c/0x33c net/socket.c:2562\n__do_sys_sendmsg net/socket.c:2571 [inline]\n__se_sys_sendmsg net/socket.c:2569 [inline]\n__arm64_sys_sendmsg+0x80/0x94 net/socket.c:2569\n__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]\ninvoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52\nel0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142\ndo_el0_svc+0x64/0x198 arch/arm64/kernel/syscall.c:193\nel0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637\nel0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591\nirq event stamp: 136484\nhardirqs last enabled at (136483): [\u003cffff800008350244\u003e] __up_console_sem+0x60/0xb4 kernel/printk/printk.c:345\nhardirqs last disabled at (136484): [\u003cffff800012358d60\u003e] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405\nsoftirqs last enabled at (136418): [\u003cffff800008020ea8\u003e] softirq_ha\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53141",
"url": "https://www.suse.com/security/cve/CVE-2023-53141"
},
{
"category": "external",
"summary": "SUSE Bug 1242362 for CVE-2023-53141",
"url": "https://bugzilla.suse.com/1242362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2023-53141"
},
{
"cve": "CVE-2023-53145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition\n\nIn btsdio_probe, the data-\u003ework is bound with btsdio_work. It will be\nstarted in btsdio_send_frame.\n\nIf the btsdio_remove runs with a unfinished work, there may be a race\ncondition that hdev is freed but used in btsdio_work. Fix it by\ncanceling the work before do cleanup in btsdio_remove.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53145",
"url": "https://www.suse.com/security/cve/CVE-2023-53145"
},
{
"category": "external",
"summary": "SUSE Bug 1243047 for CVE-2023-53145",
"url": "https://bugzilla.suse.com/1243047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "important"
}
],
"title": "CVE-2023-53145"
},
{
"cve": "CVE-2024-26740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: use the backlog for mirred ingress\n\nThe test Davide added in commit ca22da2fbd69 (\"act_mirred: use the backlog\nfor nested calls to mirred ingress\") hangs our testing VMs every 10 or so\nruns, with the familiar tcp_v4_rcv -\u003e tcp_v4_rcv deadlock reported by\nlockdep.\n\nThe problem as previously described by Davide (see Link) is that\nif we reverse flow of traffic with the redirect (egress -\u003e ingress)\nwe may reach the same socket which generated the packet. And we may\nstill be holding its socket lock. The common solution to such deadlocks\nis to put the packet in the Rx backlog, rather than run the Rx path\ninline. Do that for all egress -\u003e ingress reversals, not just once\nwe started to nest mirred calls.\n\nIn the past there was a concern that the backlog indirection will\nlead to loss of error reporting / less accurate stats. But the current\nworkaround does not seem to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26740",
"url": "https://www.suse.com/security/cve/CVE-2024-26740"
},
{
"category": "external",
"summary": "SUSE Bug 1222563 for CVE-2024-26740",
"url": "https://bugzilla.suse.com/1222563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26740"
},
{
"cve": "CVE-2024-26804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ip_tunnel: prevent perpetual headroom growth\n\nsyzkaller triggered following kasan splat:\nBUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170\nRead of size 1 at addr ffff88812fb4000e by task syz-executor183/5191\n[..]\n kasan_report+0xda/0x110 mm/kasan/report.c:588\n __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170\n skb_flow_dissect_flow_keys include/linux/skbuff.h:1514 [inline]\n ___skb_get_hash net/core/flow_dissector.c:1791 [inline]\n __skb_get_hash+0xc7/0x540 net/core/flow_dissector.c:1856\n skb_get_hash include/linux/skbuff.h:1556 [inline]\n ip_tunnel_xmit+0x1855/0x33c0 net/ipv4/ip_tunnel.c:748\n ipip_tunnel_xmit+0x3cc/0x4e0 net/ipv4/ipip.c:308\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3548 [inline]\n dev_hard_start_xmit+0x13d/0x6d0 net/core/dev.c:3564\n __dev_queue_xmit+0x7c1/0x3d60 net/core/dev.c:4349\n dev_queue_xmit include/linux/netdevice.h:3134 [inline]\n neigh_connected_output+0x42c/0x5d0 net/core/neighbour.c:1592\n ...\n ip_finish_output2+0x833/0x2550 net/ipv4/ip_output.c:235\n ip_finish_output+0x31/0x310 net/ipv4/ip_output.c:323\n ..\n iptunnel_xmit+0x5b4/0x9b0 net/ipv4/ip_tunnel_core.c:82\n ip_tunnel_xmit+0x1dbc/0x33c0 net/ipv4/ip_tunnel.c:831\n ipgre_xmit+0x4a1/0x980 net/ipv4/ip_gre.c:665\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3548 [inline]\n dev_hard_start_xmit+0x13d/0x6d0 net/core/dev.c:3564\n ...\n\nThe splat occurs because skb-\u003edata points past skb-\u003ehead allocated area.\nThis is because neigh layer does:\n __skb_pull(skb, skb_network_offset(skb));\n\n... but skb_network_offset() returns a negative offset and __skb_pull()\narg is unsigned. IOW, we skb-\u003edata gets \"adjusted\" by a huge value.\n\nThe negative value is returned because skb-\u003ehead and skb-\u003edata distance is\nmore than 64k and skb-\u003enetwork_header (u16) has wrapped around.\n\nThe bug is in the ip_tunnel infrastructure, which can cause\ndev-\u003eneeded_headroom to increment ad infinitum.\n\nThe syzkaller reproducer consists of packets getting routed via a gre\ntunnel, and route of gre encapsulated packets pointing at another (ipip)\ntunnel. The ipip encapsulation finds gre0 as next output device.\n\nThis results in the following pattern:\n\n1). First packet is to be sent out via gre0.\nRoute lookup found an output device, ipip0.\n\n2).\nip_tunnel_xmit for gre0 bumps gre0-\u003eneeded_headroom based on the future\noutput device, rt.dev-\u003eneeded_headroom (ipip0).\n\n3).\nip output / start_xmit moves skb on to ipip0. which runs the same\ncode path again (xmit recursion).\n\n4).\nRouting step for the post-gre0-encap packet finds gre0 as output device\nto use for ipip0 encapsulated packet.\n\ntunl0-\u003eneeded_headroom is then incremented based on the (already bumped)\ngre0 device headroom.\n\nThis repeats for every future packet:\n\ngre0-\u003eneeded_headroom gets inflated because previous packets\u0027 ipip0 step\nincremented rt-\u003edev (gre0) headroom, and ipip0 incremented because gre0\nneeded_headroom was increased.\n\nFor each subsequent packet, gre/ipip0-\u003eneeded_headroom grows until\npost-expand-head reallocations result in a skb-\u003ehead/data distance of\nmore than 64k.\n\nOnce that happens, skb-\u003enetwork_header (u16) wraps around when\npskb_expand_head tries to make sure that skb_network_offset() is unchanged\nafter the headroom expansion/reallocation.\n\nAfter this skb_network_offset(skb) returns a different (and negative)\nresult post headroom expansion.\n\nThe next trip to neigh layer (or anything else that would __skb_pull the\nnetwork header) makes skb-\u003edata point to a memory location outside\nskb-\u003ehead area.\n\nv2: Cap the needed_headroom update to an arbitarily chosen upperlimit to\nprevent perpetual increase instead of dropping the headroom increment\ncompletely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26804",
"url": "https://www.suse.com/security/cve/CVE-2024-26804"
},
{
"category": "external",
"summary": "SUSE Bug 1222629 for CVE-2024-26804",
"url": "https://bugzilla.suse.com/1222629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-26804"
},
{
"cve": "CVE-2024-27010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Fix mirred deadlock on device recursion\n\nWhen the mirred action is used on a classful egress qdisc and a packet is\nmirrored or redirected to self we hit a qdisc lock deadlock.\nSee trace below.\n\n[..... other info removed for brevity....]\n[ 82.890906]\n[ 82.890906] ============================================\n[ 82.890906] WARNING: possible recursive locking detected\n[ 82.890906] 6.8.0-05205-g77fadd89fe2d-dirty #213 Tainted: G W\n[ 82.890906] --------------------------------------------\n[ 82.890906] ping/418 is trying to acquire lock:\n[ 82.890906] ffff888006994110 (\u0026sch-\u003eq.lock){+.-.}-{3:3}, at:\n__dev_queue_xmit+0x1778/0x3550\n[ 82.890906]\n[ 82.890906] but task is already holding lock:\n[ 82.890906] ffff888006994110 (\u0026sch-\u003eq.lock){+.-.}-{3:3}, at:\n__dev_queue_xmit+0x1778/0x3550\n[ 82.890906]\n[ 82.890906] other info that might help us debug this:\n[ 82.890906] Possible unsafe locking scenario:\n[ 82.890906]\n[ 82.890906] CPU0\n[ 82.890906] ----\n[ 82.890906] lock(\u0026sch-\u003eq.lock);\n[ 82.890906] lock(\u0026sch-\u003eq.lock);\n[ 82.890906]\n[ 82.890906] *** DEADLOCK ***\n[ 82.890906]\n[..... other info removed for brevity....]\n\nExample setup (eth0-\u003eeth0) to recreate\ntc qdisc add dev eth0 root handle 1: htb default 30\ntc filter add dev eth0 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth0\n\nAnother example(eth0-\u003eeth1-\u003eeth0) to recreate\ntc qdisc add dev eth0 root handle 1: htb default 30\ntc filter add dev eth0 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth1\n\ntc qdisc add dev eth1 root handle 1: htb default 30\ntc filter add dev eth1 handle 1: protocol ip prio 2 matchall \\\n action mirred egress redirect dev eth0\n\nWe fix this by adding an owner field (CPU id) to struct Qdisc set after\nroot qdisc is entered. When the softirq enters it a second time, if the\nqdisc owner is the same CPU, the packet is dropped to break the loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27010",
"url": "https://www.suse.com/security/cve/CVE-2024-27010"
},
{
"category": "external",
"summary": "SUSE Bug 1223720 for CVE-2024-27010",
"url": "https://bugzilla.suse.com/1223720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-27010"
},
{
"cve": "CVE-2024-45021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemcg_write_event_control(): fix a user-triggerable oops\n\nwe are *not* guaranteed that anything past the terminating NUL\nis mapped (let alone initialized with anything sane).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45021",
"url": "https://www.suse.com/security/cve/CVE-2024-45021"
},
{
"category": "external",
"summary": "SUSE Bug 1230434 for CVE-2024-45021",
"url": "https://bugzilla.suse.com/1230434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-45021"
},
{
"cve": "CVE-2024-46751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don\u0027t BUG_ON() when 0 reference count at btrfs_lookup_extent_info()\n\nInstead of doing a BUG_ON() handle the error by returning -EUCLEAN,\naborting the transaction and logging an error message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46751",
"url": "https://www.suse.com/security/cve/CVE-2024-46751"
},
{
"category": "external",
"summary": "SUSE Bug 1230786 for CVE-2024-46751",
"url": "https://bugzilla.suse.com/1230786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-46751"
},
{
"cve": "CVE-2024-46752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: replace BUG_ON() with error handling at update_ref_for_cow()\n\nInstead of a BUG_ON() just return an error, log an error message and\nabort the transaction in case we find an extent buffer belonging to the\nrelocation tree that doesn\u0027t have the full backref flag set. This is\nunexpected and should never happen (save for bugs or a potential bad\nmemory).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46752",
"url": "https://www.suse.com/security/cve/CVE-2024-46752"
},
{
"category": "external",
"summary": "SUSE Bug 1230794 for CVE-2024-46752",
"url": "https://bugzilla.suse.com/1230794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-17T15:32:57Z",
"details": "moderate"
}
],
"title": "CVE-2024-46752"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_261-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.261.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.261.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.261.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.c