Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-50577 (GCVE-0-2022-50577)
Vulnerability from cvelistv5
Published
2025-10-22 13:23
Modified
2025-10-22 13:23
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
ima: Fix memory leak in __ima_inode_hash()
Commit f3cc6b25dcc5 ("ima: always measure and audit files in policy") lets
measurement or audit happen even if the file digest cannot be calculated.
As a result, iint->ima_hash could have been allocated despite
ima_collect_measurement() returning an error.
Since ima_hash belongs to a temporary inode metadata structure, declared
at the beginning of __ima_inode_hash(), just add a kfree() call if
ima_collect_measurement() returns an error different from -ENOMEM (in that
case, ima_hash should not have been allocated).
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"security/integrity/ima/ima_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "c4df8cb38f139ed9f4296868c0a6f15a26e8c491",
"status": "affected",
"version": "280fe8367b0dc45b6ac5e04fad03e16e99540c0c",
"versionType": "git"
},
{
"lessThan": "f375bcf69f58fd0744c9dfd1b6b891a27301d67b",
"status": "affected",
"version": "280fe8367b0dc45b6ac5e04fad03e16e99540c0c",
"versionType": "git"
},
{
"lessThan": "8c1d6a050a0f16e0a9d32eaf53b965c77279c6f8",
"status": "affected",
"version": "280fe8367b0dc45b6ac5e04fad03e16e99540c0c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"security/integrity/ima/ima_main.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.18"
},
{
"lessThan": "5.18",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"version": "6.0.18",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.2",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.18",
"versionStartIncluding": "5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.4",
"versionStartIncluding": "5.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"versionStartIncluding": "5.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix memory leak in __ima_inode_hash()\n\nCommit f3cc6b25dcc5 (\"ima: always measure and audit files in policy\") lets\nmeasurement or audit happen even if the file digest cannot be calculated.\n\nAs a result, iint-\u003eima_hash could have been allocated despite\nima_collect_measurement() returning an error.\n\nSince ima_hash belongs to a temporary inode metadata structure, declared\nat the beginning of __ima_inode_hash(), just add a kfree() call if\nima_collect_measurement() returns an error different from -ENOMEM (in that\ncase, ima_hash should not have been allocated)."
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T13:23:30.910Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/c4df8cb38f139ed9f4296868c0a6f15a26e8c491"
},
{
"url": "https://git.kernel.org/stable/c/f375bcf69f58fd0744c9dfd1b6b891a27301d67b"
},
{
"url": "https://git.kernel.org/stable/c/8c1d6a050a0f16e0a9d32eaf53b965c77279c6f8"
}
],
"title": "ima: Fix memory leak in __ima_inode_hash()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-50577",
"datePublished": "2025-10-22T13:23:30.910Z",
"dateReserved": "2025-10-22T13:20:23.761Z",
"dateUpdated": "2025-10-22T13:23:30.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-50577\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-10-22T14:15:42.677\",\"lastModified\":\"2025-10-22T21:12:48.953\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nima: Fix memory leak in __ima_inode_hash()\\n\\nCommit f3cc6b25dcc5 (\\\"ima: always measure and audit files in policy\\\") lets\\nmeasurement or audit happen even if the file digest cannot be calculated.\\n\\nAs a result, iint-\u003eima_hash could have been allocated despite\\nima_collect_measurement() returning an error.\\n\\nSince ima_hash belongs to a temporary inode metadata structure, declared\\nat the beginning of __ima_inode_hash(), just add a kfree() call if\\nima_collect_measurement() returns an error different from -ENOMEM (in that\\ncase, ima_hash should not have been allocated).\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/8c1d6a050a0f16e0a9d32eaf53b965c77279c6f8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c4df8cb38f139ed9f4296868c0a6f15a26e8c491\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f375bcf69f58fd0744c9dfd1b6b891a27301d67b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
ghsa-6fv2-p7hp-vxq5
Vulnerability from github
Published
2025-10-22 15:31
Modified
2025-10-22 15:31
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
ima: Fix memory leak in __ima_inode_hash()
Commit f3cc6b25dcc5 ("ima: always measure and audit files in policy") lets measurement or audit happen even if the file digest cannot be calculated.
As a result, iint->ima_hash could have been allocated despite ima_collect_measurement() returning an error.
Since ima_hash belongs to a temporary inode metadata structure, declared at the beginning of __ima_inode_hash(), just add a kfree() call if ima_collect_measurement() returns an error different from -ENOMEM (in that case, ima_hash should not have been allocated).
{
"affected": [],
"aliases": [
"CVE-2022-50577"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-22T14:15:42Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix memory leak in __ima_inode_hash()\n\nCommit f3cc6b25dcc5 (\"ima: always measure and audit files in policy\") lets\nmeasurement or audit happen even if the file digest cannot be calculated.\n\nAs a result, iint-\u003eima_hash could have been allocated despite\nima_collect_measurement() returning an error.\n\nSince ima_hash belongs to a temporary inode metadata structure, declared\nat the beginning of __ima_inode_hash(), just add a kfree() call if\nima_collect_measurement() returns an error different from -ENOMEM (in that\ncase, ima_hash should not have been allocated).",
"id": "GHSA-6fv2-p7hp-vxq5",
"modified": "2025-10-22T15:31:10Z",
"published": "2025-10-22T15:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50577"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8c1d6a050a0f16e0a9d32eaf53b965c77279c6f8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c4df8cb38f139ed9f4296868c0a6f15a26e8c491"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f375bcf69f58fd0744c9dfd1b6b891a27301d67b"
}
],
"schema_version": "1.4.0",
"severity": []
}
suse-su-2025:4149-1
Vulnerability from csaf_suse
Published
2025-11-20 15:41
Modified
2025-11-20 15:41
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1249859).
- CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (bsc#1249857).
- CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace (bsc#1251164).
- CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741).
- CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988).
- CVE-2023-53500: xfrm: fix slab-use-after-free in decode_session6 (bsc#1250816).
- CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6 (bsc#1251052).
- CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading (bsc#1251222).
- CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (bsc#1251743).
- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251763).
- CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554).
- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
- CVE-2025-38084: hugetlb: unshare some PMDs when splitting VMAs (bsc#1245498).
- CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245499).
- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1247317).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249479).
- CVE-2025-39797: xfrm: Duplicate SPI Handling (bsc#1249608).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-39981: Bluetooth: MGMT: Fix possible UAFs (bsc#1252060).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40044: fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785).
The following non security issues were fixed:
- NFS: remove revoked delegation from server's delegation list (bsc#1246211).
- NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211).
- fbcon: Fix OOB access in font allocation (bsc#1252033)
- kabi fix for NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211).
- mm: avoid unnecessary page fault retires on shared memory types (bsc#1251823).
- net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265).
- net: mana: Switch to page pool for jumbo frames (bsc#1248754).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237). No CVE available yet, please see the bugzilla ticket referenced.
Patchnames
SUSE-2025-4149,SUSE-SLE-Micro-5.5-2025-4149
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues\n\nThe following security issues were fixed:\n\n- CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1249859).\n- CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (bsc#1249857).\n- CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace (bsc#1251164).\n- CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741).\n- CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988).\n- CVE-2023-53500: xfrm: fix slab-use-after-free in decode_session6 (bsc#1250816).\n- CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6 (bsc#1251052).\n- CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading (bsc#1251222).\n- CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (bsc#1251743).\n- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251763).\n- CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554).\n- CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable (bsc#1242960).\n- CVE-2025-38084: hugetlb: unshare some PMDs when splitting VMAs (bsc#1245498).\n- CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245499).\n- CVE-2025-38476: rpl: Fix use-after-free in rpl_do_srh_inline() (bsc#1247317).\n- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249479).\n- CVE-2025-39797: xfrm: Duplicate SPI Handling (bsc#1249608).\n- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).\n- CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033).\n- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).\n- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).\n- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).\n- CVE-2025-39981: Bluetooth: MGMT: Fix possible UAFs (bsc#1252060).\n- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).\n- CVE-2025-40044: fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785).\n\nThe following non security issues were fixed:\n\n- NFS: remove revoked delegation from server\u0027s delegation list (bsc#1246211).\n- NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211).\n- fbcon: Fix OOB access in font allocation (bsc#1252033)\n- kabi fix for NFSv4: Allow FREE_STATEID to clean up delegations (bsc#1246211).\n- mm: avoid unnecessary page fault retires on shared memory types (bsc#1251823).\n- net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265).\n- net: mana: Switch to page pool for jumbo frames (bsc#1248754).\n- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).\n- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237). No CVE available yet, please see the bugzilla ticket referenced.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4149,SUSE-SLE-Micro-5.5-2025-4149",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4149-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4149-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254149-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4149-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023309.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1205128",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "self",
"summary": "SUSE Bug 1206843",
"url": "https://bugzilla.suse.com/1206843"
},
{
"category": "self",
"summary": "SUSE Bug 1206893",
"url": "https://bugzilla.suse.com/1206893"
},
{
"category": "self",
"summary": "SUSE Bug 1207612",
"url": "https://bugzilla.suse.com/1207612"
},
{
"category": "self",
"summary": "SUSE Bug 1207619",
"url": "https://bugzilla.suse.com/1207619"
},
{
"category": "self",
"summary": "SUSE Bug 1210763",
"url": "https://bugzilla.suse.com/1210763"
},
{
"category": "self",
"summary": "SUSE Bug 1211162",
"url": "https://bugzilla.suse.com/1211162"
},
{
"category": "self",
"summary": "SUSE Bug 1211692",
"url": "https://bugzilla.suse.com/1211692"
},
{
"category": "self",
"summary": "SUSE Bug 1213098",
"url": "https://bugzilla.suse.com/1213098"
},
{
"category": "self",
"summary": "SUSE Bug 1213114",
"url": "https://bugzilla.suse.com/1213114"
},
{
"category": "self",
"summary": "SUSE Bug 1213747",
"url": "https://bugzilla.suse.com/1213747"
},
{
"category": "self",
"summary": "SUSE Bug 1214754",
"url": "https://bugzilla.suse.com/1214754"
},
{
"category": "self",
"summary": "SUSE Bug 1214954",
"url": "https://bugzilla.suse.com/1214954"
},
{
"category": "self",
"summary": "SUSE Bug 1214992",
"url": "https://bugzilla.suse.com/1214992"
},
{
"category": "self",
"summary": "SUSE Bug 1215148",
"url": "https://bugzilla.suse.com/1215148"
},
{
"category": "self",
"summary": "SUSE Bug 1217366",
"url": "https://bugzilla.suse.com/1217366"
},
{
"category": "self",
"summary": "SUSE Bug 1236104",
"url": "https://bugzilla.suse.com/1236104"
},
{
"category": "self",
"summary": "SUSE Bug 1242960",
"url": "https://bugzilla.suse.com/1242960"
},
{
"category": "self",
"summary": "SUSE Bug 1245498",
"url": "https://bugzilla.suse.com/1245498"
},
{
"category": "self",
"summary": "SUSE Bug 1245499",
"url": "https://bugzilla.suse.com/1245499"
},
{
"category": "self",
"summary": "SUSE Bug 1246211",
"url": "https://bugzilla.suse.com/1246211"
},
{
"category": "self",
"summary": "SUSE Bug 1247317",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "self",
"summary": "SUSE Bug 1248754",
"url": "https://bugzilla.suse.com/1248754"
},
{
"category": "self",
"summary": "SUSE Bug 1249479",
"url": "https://bugzilla.suse.com/1249479"
},
{
"category": "self",
"summary": "SUSE Bug 1249608",
"url": "https://bugzilla.suse.com/1249608"
},
{
"category": "self",
"summary": "SUSE Bug 1249857",
"url": "https://bugzilla.suse.com/1249857"
},
{
"category": "self",
"summary": "SUSE Bug 1249859",
"url": "https://bugzilla.suse.com/1249859"
},
{
"category": "self",
"summary": "SUSE Bug 1249988",
"url": "https://bugzilla.suse.com/1249988"
},
{
"category": "self",
"summary": "SUSE Bug 1250237",
"url": "https://bugzilla.suse.com/1250237"
},
{
"category": "self",
"summary": "SUSE Bug 1250742",
"url": "https://bugzilla.suse.com/1250742"
},
{
"category": "self",
"summary": "SUSE Bug 1250816",
"url": "https://bugzilla.suse.com/1250816"
},
{
"category": "self",
"summary": "SUSE Bug 1250946",
"url": "https://bugzilla.suse.com/1250946"
},
{
"category": "self",
"summary": "SUSE Bug 1251027",
"url": "https://bugzilla.suse.com/1251027"
},
{
"category": "self",
"summary": "SUSE Bug 1251032",
"url": "https://bugzilla.suse.com/1251032"
},
{
"category": "self",
"summary": "SUSE Bug 1251034",
"url": "https://bugzilla.suse.com/1251034"
},
{
"category": "self",
"summary": "SUSE Bug 1251035",
"url": "https://bugzilla.suse.com/1251035"
},
{
"category": "self",
"summary": "SUSE Bug 1251037",
"url": "https://bugzilla.suse.com/1251037"
},
{
"category": "self",
"summary": "SUSE Bug 1251040",
"url": "https://bugzilla.suse.com/1251040"
},
{
"category": "self",
"summary": "SUSE Bug 1251043",
"url": "https://bugzilla.suse.com/1251043"
},
{
"category": "self",
"summary": "SUSE Bug 1251045",
"url": "https://bugzilla.suse.com/1251045"
},
{
"category": "self",
"summary": "SUSE Bug 1251046",
"url": "https://bugzilla.suse.com/1251046"
},
{
"category": "self",
"summary": "SUSE Bug 1251047",
"url": "https://bugzilla.suse.com/1251047"
},
{
"category": "self",
"summary": "SUSE Bug 1251052",
"url": "https://bugzilla.suse.com/1251052"
},
{
"category": "self",
"summary": "SUSE Bug 1251054",
"url": "https://bugzilla.suse.com/1251054"
},
{
"category": "self",
"summary": "SUSE Bug 1251057",
"url": "https://bugzilla.suse.com/1251057"
},
{
"category": "self",
"summary": "SUSE Bug 1251059",
"url": "https://bugzilla.suse.com/1251059"
},
{
"category": "self",
"summary": "SUSE Bug 1251060",
"url": "https://bugzilla.suse.com/1251060"
},
{
"category": "self",
"summary": "SUSE Bug 1251061",
"url": "https://bugzilla.suse.com/1251061"
},
{
"category": "self",
"summary": "SUSE Bug 1251063",
"url": "https://bugzilla.suse.com/1251063"
},
{
"category": "self",
"summary": "SUSE Bug 1251065",
"url": "https://bugzilla.suse.com/1251065"
},
{
"category": "self",
"summary": "SUSE Bug 1251066",
"url": "https://bugzilla.suse.com/1251066"
},
{
"category": "self",
"summary": "SUSE Bug 1251068",
"url": "https://bugzilla.suse.com/1251068"
},
{
"category": "self",
"summary": "SUSE Bug 1251072",
"url": "https://bugzilla.suse.com/1251072"
},
{
"category": "self",
"summary": "SUSE Bug 1251079",
"url": "https://bugzilla.suse.com/1251079"
},
{
"category": "self",
"summary": "SUSE Bug 1251080",
"url": "https://bugzilla.suse.com/1251080"
},
{
"category": "self",
"summary": "SUSE Bug 1251082",
"url": "https://bugzilla.suse.com/1251082"
},
{
"category": "self",
"summary": "SUSE Bug 1251086",
"url": "https://bugzilla.suse.com/1251086"
},
{
"category": "self",
"summary": "SUSE Bug 1251087",
"url": "https://bugzilla.suse.com/1251087"
},
{
"category": "self",
"summary": "SUSE Bug 1251088",
"url": "https://bugzilla.suse.com/1251088"
},
{
"category": "self",
"summary": "SUSE Bug 1251091",
"url": "https://bugzilla.suse.com/1251091"
},
{
"category": "self",
"summary": "SUSE Bug 1251092",
"url": "https://bugzilla.suse.com/1251092"
},
{
"category": "self",
"summary": "SUSE Bug 1251093",
"url": "https://bugzilla.suse.com/1251093"
},
{
"category": "self",
"summary": "SUSE Bug 1251097",
"url": "https://bugzilla.suse.com/1251097"
},
{
"category": "self",
"summary": "SUSE Bug 1251099",
"url": "https://bugzilla.suse.com/1251099"
},
{
"category": "self",
"summary": "SUSE Bug 1251101",
"url": "https://bugzilla.suse.com/1251101"
},
{
"category": "self",
"summary": "SUSE Bug 1251104",
"url": "https://bugzilla.suse.com/1251104"
},
{
"category": "self",
"summary": "SUSE Bug 1251105",
"url": "https://bugzilla.suse.com/1251105"
},
{
"category": "self",
"summary": "SUSE Bug 1251106",
"url": "https://bugzilla.suse.com/1251106"
},
{
"category": "self",
"summary": "SUSE Bug 1251110",
"url": "https://bugzilla.suse.com/1251110"
},
{
"category": "self",
"summary": "SUSE Bug 1251113",
"url": "https://bugzilla.suse.com/1251113"
},
{
"category": "self",
"summary": "SUSE Bug 1251115",
"url": "https://bugzilla.suse.com/1251115"
},
{
"category": "self",
"summary": "SUSE Bug 1251123",
"url": "https://bugzilla.suse.com/1251123"
},
{
"category": "self",
"summary": "SUSE Bug 1251128",
"url": "https://bugzilla.suse.com/1251128"
},
{
"category": "self",
"summary": "SUSE Bug 1251129",
"url": "https://bugzilla.suse.com/1251129"
},
{
"category": "self",
"summary": "SUSE Bug 1251133",
"url": "https://bugzilla.suse.com/1251133"
},
{
"category": "self",
"summary": "SUSE Bug 1251136",
"url": "https://bugzilla.suse.com/1251136"
},
{
"category": "self",
"summary": "SUSE Bug 1251147",
"url": "https://bugzilla.suse.com/1251147"
},
{
"category": "self",
"summary": "SUSE Bug 1251149",
"url": "https://bugzilla.suse.com/1251149"
},
{
"category": "self",
"summary": "SUSE Bug 1251153",
"url": "https://bugzilla.suse.com/1251153"
},
{
"category": "self",
"summary": "SUSE Bug 1251154",
"url": "https://bugzilla.suse.com/1251154"
},
{
"category": "self",
"summary": "SUSE Bug 1251159",
"url": "https://bugzilla.suse.com/1251159"
},
{
"category": "self",
"summary": "SUSE Bug 1251162",
"url": "https://bugzilla.suse.com/1251162"
},
{
"category": "self",
"summary": "SUSE Bug 1251164",
"url": "https://bugzilla.suse.com/1251164"
},
{
"category": "self",
"summary": "SUSE Bug 1251166",
"url": "https://bugzilla.suse.com/1251166"
},
{
"category": "self",
"summary": "SUSE Bug 1251167",
"url": "https://bugzilla.suse.com/1251167"
},
{
"category": "self",
"summary": "SUSE Bug 1251169",
"url": "https://bugzilla.suse.com/1251169"
},
{
"category": "self",
"summary": "SUSE Bug 1251170",
"url": "https://bugzilla.suse.com/1251170"
},
{
"category": "self",
"summary": "SUSE Bug 1251173",
"url": "https://bugzilla.suse.com/1251173"
},
{
"category": "self",
"summary": "SUSE Bug 1251174",
"url": "https://bugzilla.suse.com/1251174"
},
{
"category": "self",
"summary": "SUSE Bug 1251178",
"url": "https://bugzilla.suse.com/1251178"
},
{
"category": "self",
"summary": "SUSE Bug 1251180",
"url": "https://bugzilla.suse.com/1251180"
},
{
"category": "self",
"summary": "SUSE Bug 1251182",
"url": "https://bugzilla.suse.com/1251182"
},
{
"category": "self",
"summary": "SUSE Bug 1251197",
"url": "https://bugzilla.suse.com/1251197"
},
{
"category": "self",
"summary": "SUSE Bug 1251200",
"url": "https://bugzilla.suse.com/1251200"
},
{
"category": "self",
"summary": "SUSE Bug 1251201",
"url": "https://bugzilla.suse.com/1251201"
},
{
"category": "self",
"summary": "SUSE Bug 1251202",
"url": "https://bugzilla.suse.com/1251202"
},
{
"category": "self",
"summary": "SUSE Bug 1251208",
"url": "https://bugzilla.suse.com/1251208"
},
{
"category": "self",
"summary": "SUSE Bug 1251210",
"url": "https://bugzilla.suse.com/1251210"
},
{
"category": "self",
"summary": "SUSE Bug 1251215",
"url": "https://bugzilla.suse.com/1251215"
},
{
"category": "self",
"summary": "SUSE Bug 1251218",
"url": "https://bugzilla.suse.com/1251218"
},
{
"category": "self",
"summary": "SUSE Bug 1251221",
"url": "https://bugzilla.suse.com/1251221"
},
{
"category": "self",
"summary": "SUSE Bug 1251222",
"url": "https://bugzilla.suse.com/1251222"
},
{
"category": "self",
"summary": "SUSE Bug 1251223",
"url": "https://bugzilla.suse.com/1251223"
},
{
"category": "self",
"summary": "SUSE Bug 1251230",
"url": "https://bugzilla.suse.com/1251230"
},
{
"category": "self",
"summary": "SUSE Bug 1251247",
"url": "https://bugzilla.suse.com/1251247"
},
{
"category": "self",
"summary": "SUSE Bug 1251268",
"url": "https://bugzilla.suse.com/1251268"
},
{
"category": "self",
"summary": "SUSE Bug 1251281",
"url": "https://bugzilla.suse.com/1251281"
},
{
"category": "self",
"summary": "SUSE Bug 1251282",
"url": "https://bugzilla.suse.com/1251282"
},
{
"category": "self",
"summary": "SUSE Bug 1251283",
"url": "https://bugzilla.suse.com/1251283"
},
{
"category": "self",
"summary": "SUSE Bug 1251284",
"url": "https://bugzilla.suse.com/1251284"
},
{
"category": "self",
"summary": "SUSE Bug 1251285",
"url": "https://bugzilla.suse.com/1251285"
},
{
"category": "self",
"summary": "SUSE Bug 1251286",
"url": "https://bugzilla.suse.com/1251286"
},
{
"category": "self",
"summary": "SUSE Bug 1251292",
"url": "https://bugzilla.suse.com/1251292"
},
{
"category": "self",
"summary": "SUSE Bug 1251294",
"url": "https://bugzilla.suse.com/1251294"
},
{
"category": "self",
"summary": "SUSE Bug 1251295",
"url": "https://bugzilla.suse.com/1251295"
},
{
"category": "self",
"summary": "SUSE Bug 1251296",
"url": "https://bugzilla.suse.com/1251296"
},
{
"category": "self",
"summary": "SUSE Bug 1251298",
"url": "https://bugzilla.suse.com/1251298"
},
{
"category": "self",
"summary": "SUSE Bug 1251299",
"url": "https://bugzilla.suse.com/1251299"
},
{
"category": "self",
"summary": "SUSE Bug 1251300",
"url": "https://bugzilla.suse.com/1251300"
},
{
"category": "self",
"summary": "SUSE Bug 1251301",
"url": "https://bugzilla.suse.com/1251301"
},
{
"category": "self",
"summary": "SUSE Bug 1251302",
"url": "https://bugzilla.suse.com/1251302"
},
{
"category": "self",
"summary": "SUSE Bug 1251303",
"url": "https://bugzilla.suse.com/1251303"
},
{
"category": "self",
"summary": "SUSE Bug 1251306",
"url": "https://bugzilla.suse.com/1251306"
},
{
"category": "self",
"summary": "SUSE Bug 1251307",
"url": "https://bugzilla.suse.com/1251307"
},
{
"category": "self",
"summary": "SUSE Bug 1251310",
"url": "https://bugzilla.suse.com/1251310"
},
{
"category": "self",
"summary": "SUSE Bug 1251312",
"url": "https://bugzilla.suse.com/1251312"
},
{
"category": "self",
"summary": "SUSE Bug 1251315",
"url": "https://bugzilla.suse.com/1251315"
},
{
"category": "self",
"summary": "SUSE Bug 1251322",
"url": "https://bugzilla.suse.com/1251322"
},
{
"category": "self",
"summary": "SUSE Bug 1251324",
"url": "https://bugzilla.suse.com/1251324"
},
{
"category": "self",
"summary": "SUSE Bug 1251325",
"url": "https://bugzilla.suse.com/1251325"
},
{
"category": "self",
"summary": "SUSE Bug 1251326",
"url": "https://bugzilla.suse.com/1251326"
},
{
"category": "self",
"summary": "SUSE Bug 1251327",
"url": "https://bugzilla.suse.com/1251327"
},
{
"category": "self",
"summary": "SUSE Bug 1251329",
"url": "https://bugzilla.suse.com/1251329"
},
{
"category": "self",
"summary": "SUSE Bug 1251330",
"url": "https://bugzilla.suse.com/1251330"
},
{
"category": "self",
"summary": "SUSE Bug 1251331",
"url": "https://bugzilla.suse.com/1251331"
},
{
"category": "self",
"summary": "SUSE Bug 1251519",
"url": "https://bugzilla.suse.com/1251519"
},
{
"category": "self",
"summary": "SUSE Bug 1251521",
"url": "https://bugzilla.suse.com/1251521"
},
{
"category": "self",
"summary": "SUSE Bug 1251522",
"url": "https://bugzilla.suse.com/1251522"
},
{
"category": "self",
"summary": "SUSE Bug 1251527",
"url": "https://bugzilla.suse.com/1251527"
},
{
"category": "self",
"summary": "SUSE Bug 1251529",
"url": "https://bugzilla.suse.com/1251529"
},
{
"category": "self",
"summary": "SUSE Bug 1251550",
"url": "https://bugzilla.suse.com/1251550"
},
{
"category": "self",
"summary": "SUSE Bug 1251723",
"url": "https://bugzilla.suse.com/1251723"
},
{
"category": "self",
"summary": "SUSE Bug 1251725",
"url": "https://bugzilla.suse.com/1251725"
},
{
"category": "self",
"summary": "SUSE Bug 1251728",
"url": "https://bugzilla.suse.com/1251728"
},
{
"category": "self",
"summary": "SUSE Bug 1251730",
"url": "https://bugzilla.suse.com/1251730"
},
{
"category": "self",
"summary": "SUSE Bug 1251736",
"url": "https://bugzilla.suse.com/1251736"
},
{
"category": "self",
"summary": "SUSE Bug 1251737",
"url": "https://bugzilla.suse.com/1251737"
},
{
"category": "self",
"summary": "SUSE Bug 1251738",
"url": "https://bugzilla.suse.com/1251738"
},
{
"category": "self",
"summary": "SUSE Bug 1251741",
"url": "https://bugzilla.suse.com/1251741"
},
{
"category": "self",
"summary": "SUSE Bug 1251743",
"url": "https://bugzilla.suse.com/1251743"
},
{
"category": "self",
"summary": "SUSE Bug 1251750",
"url": "https://bugzilla.suse.com/1251750"
},
{
"category": "self",
"summary": "SUSE Bug 1251753",
"url": "https://bugzilla.suse.com/1251753"
},
{
"category": "self",
"summary": "SUSE Bug 1251759",
"url": "https://bugzilla.suse.com/1251759"
},
{
"category": "self",
"summary": "SUSE Bug 1251761",
"url": "https://bugzilla.suse.com/1251761"
},
{
"category": "self",
"summary": "SUSE Bug 1251762",
"url": "https://bugzilla.suse.com/1251762"
},
{
"category": "self",
"summary": "SUSE Bug 1251763",
"url": "https://bugzilla.suse.com/1251763"
},
{
"category": "self",
"summary": "SUSE Bug 1251764",
"url": "https://bugzilla.suse.com/1251764"
},
{
"category": "self",
"summary": "SUSE Bug 1251767",
"url": "https://bugzilla.suse.com/1251767"
},
{
"category": "self",
"summary": "SUSE Bug 1251769",
"url": "https://bugzilla.suse.com/1251769"
},
{
"category": "self",
"summary": "SUSE Bug 1251772",
"url": "https://bugzilla.suse.com/1251772"
},
{
"category": "self",
"summary": "SUSE Bug 1251775",
"url": "https://bugzilla.suse.com/1251775"
},
{
"category": "self",
"summary": "SUSE Bug 1251777",
"url": "https://bugzilla.suse.com/1251777"
},
{
"category": "self",
"summary": "SUSE Bug 1251785",
"url": "https://bugzilla.suse.com/1251785"
},
{
"category": "self",
"summary": "SUSE Bug 1251823",
"url": "https://bugzilla.suse.com/1251823"
},
{
"category": "self",
"summary": "SUSE Bug 1251930",
"url": "https://bugzilla.suse.com/1251930"
},
{
"category": "self",
"summary": "SUSE Bug 1251967",
"url": "https://bugzilla.suse.com/1251967"
},
{
"category": "self",
"summary": "SUSE Bug 1252033",
"url": "https://bugzilla.suse.com/1252033"
},
{
"category": "self",
"summary": "SUSE Bug 1252035",
"url": "https://bugzilla.suse.com/1252035"
},
{
"category": "self",
"summary": "SUSE Bug 1252047",
"url": "https://bugzilla.suse.com/1252047"
},
{
"category": "self",
"summary": "SUSE Bug 1252060",
"url": "https://bugzilla.suse.com/1252060"
},
{
"category": "self",
"summary": "SUSE Bug 1252069",
"url": "https://bugzilla.suse.com/1252069"
},
{
"category": "self",
"summary": "SUSE Bug 1252265",
"url": "https://bugzilla.suse.com/1252265"
},
{
"category": "self",
"summary": "SUSE Bug 1252473",
"url": "https://bugzilla.suse.com/1252473"
},
{
"category": "self",
"summary": "SUSE Bug 1252474",
"url": "https://bugzilla.suse.com/1252474"
},
{
"category": "self",
"summary": "SUSE Bug 1252475",
"url": "https://bugzilla.suse.com/1252475"
},
{
"category": "self",
"summary": "SUSE Bug 1252476",
"url": "https://bugzilla.suse.com/1252476"
},
{
"category": "self",
"summary": "SUSE Bug 1252480",
"url": "https://bugzilla.suse.com/1252480"
},
{
"category": "self",
"summary": "SUSE Bug 1252484",
"url": "https://bugzilla.suse.com/1252484"
},
{
"category": "self",
"summary": "SUSE Bug 1252486",
"url": "https://bugzilla.suse.com/1252486"
},
{
"category": "self",
"summary": "SUSE Bug 1252489",
"url": "https://bugzilla.suse.com/1252489"
},
{
"category": "self",
"summary": "SUSE Bug 1252490",
"url": "https://bugzilla.suse.com/1252490"
},
{
"category": "self",
"summary": "SUSE Bug 1252492",
"url": "https://bugzilla.suse.com/1252492"
},
{
"category": "self",
"summary": "SUSE Bug 1252494",
"url": "https://bugzilla.suse.com/1252494"
},
{
"category": "self",
"summary": "SUSE Bug 1252495",
"url": "https://bugzilla.suse.com/1252495"
},
{
"category": "self",
"summary": "SUSE Bug 1252497",
"url": "https://bugzilla.suse.com/1252497"
},
{
"category": "self",
"summary": "SUSE Bug 1252499",
"url": "https://bugzilla.suse.com/1252499"
},
{
"category": "self",
"summary": "SUSE Bug 1252501",
"url": "https://bugzilla.suse.com/1252501"
},
{
"category": "self",
"summary": "SUSE Bug 1252508",
"url": "https://bugzilla.suse.com/1252508"
},
{
"category": "self",
"summary": "SUSE Bug 1252509",
"url": "https://bugzilla.suse.com/1252509"
},
{
"category": "self",
"summary": "SUSE Bug 1252513",
"url": "https://bugzilla.suse.com/1252513"
},
{
"category": "self",
"summary": "SUSE Bug 1252515",
"url": "https://bugzilla.suse.com/1252515"
},
{
"category": "self",
"summary": "SUSE Bug 1252516",
"url": "https://bugzilla.suse.com/1252516"
},
{
"category": "self",
"summary": "SUSE Bug 1252519",
"url": "https://bugzilla.suse.com/1252519"
},
{
"category": "self",
"summary": "SUSE Bug 1252521",
"url": "https://bugzilla.suse.com/1252521"
},
{
"category": "self",
"summary": "SUSE Bug 1252522",
"url": "https://bugzilla.suse.com/1252522"
},
{
"category": "self",
"summary": "SUSE Bug 1252523",
"url": "https://bugzilla.suse.com/1252523"
},
{
"category": "self",
"summary": "SUSE Bug 1252526",
"url": "https://bugzilla.suse.com/1252526"
},
{
"category": "self",
"summary": "SUSE Bug 1252528",
"url": "https://bugzilla.suse.com/1252528"
},
{
"category": "self",
"summary": "SUSE Bug 1252529",
"url": "https://bugzilla.suse.com/1252529"
},
{
"category": "self",
"summary": "SUSE Bug 1252532",
"url": "https://bugzilla.suse.com/1252532"
},
{
"category": "self",
"summary": "SUSE Bug 1252534",
"url": "https://bugzilla.suse.com/1252534"
},
{
"category": "self",
"summary": "SUSE Bug 1252535",
"url": "https://bugzilla.suse.com/1252535"
},
{
"category": "self",
"summary": "SUSE Bug 1252536",
"url": "https://bugzilla.suse.com/1252536"
},
{
"category": "self",
"summary": "SUSE Bug 1252537",
"url": "https://bugzilla.suse.com/1252537"
},
{
"category": "self",
"summary": "SUSE Bug 1252538",
"url": "https://bugzilla.suse.com/1252538"
},
{
"category": "self",
"summary": "SUSE Bug 1252539",
"url": "https://bugzilla.suse.com/1252539"
},
{
"category": "self",
"summary": "SUSE Bug 1252542",
"url": "https://bugzilla.suse.com/1252542"
},
{
"category": "self",
"summary": "SUSE Bug 1252545",
"url": "https://bugzilla.suse.com/1252545"
},
{
"category": "self",
"summary": "SUSE Bug 1252549",
"url": "https://bugzilla.suse.com/1252549"
},
{
"category": "self",
"summary": "SUSE Bug 1252554",
"url": "https://bugzilla.suse.com/1252554"
},
{
"category": "self",
"summary": "SUSE Bug 1252560",
"url": "https://bugzilla.suse.com/1252560"
},
{
"category": "self",
"summary": "SUSE Bug 1252564",
"url": "https://bugzilla.suse.com/1252564"
},
{
"category": "self",
"summary": "SUSE Bug 1252565",
"url": "https://bugzilla.suse.com/1252565"
},
{
"category": "self",
"summary": "SUSE Bug 1252568",
"url": "https://bugzilla.suse.com/1252568"
},
{
"category": "self",
"summary": "SUSE Bug 1252632",
"url": "https://bugzilla.suse.com/1252632"
},
{
"category": "self",
"summary": "SUSE Bug 1252634",
"url": "https://bugzilla.suse.com/1252634"
},
{
"category": "self",
"summary": "SUSE Bug 1252688",
"url": "https://bugzilla.suse.com/1252688"
},
{
"category": "self",
"summary": "SUSE Bug 1252785",
"url": "https://bugzilla.suse.com/1252785"
},
{
"category": "self",
"summary": "SUSE Bug 1252893",
"url": "https://bugzilla.suse.com/1252893"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-43945 page",
"url": "https://www.suse.com/security/cve/CVE-2022-43945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50327 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50334 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50334/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50470 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50471 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50472 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50475 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50478 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50479 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50480 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50482 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50484 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50485 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50487 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50488 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50489 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50490 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50492 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50493 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50494 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50496 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50497 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50497/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50498 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50499 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50501 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50501/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50503 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50504 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50505 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50509 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50509/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50511 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50511/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50512 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50512/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50513 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50513/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50514 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50515 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50516 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50519 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50520 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50520/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50521 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50523 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50523/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50524 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50525 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50526 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50527 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50528 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50529 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50529/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50530 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50532 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50534 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50535 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50537 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50542 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50543 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50544 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50546 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50549 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50551 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50553 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50556 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50559 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50560 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50561 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50561/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50562 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50563 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50564 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50566 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50567 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50568 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50570 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50570/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50572 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50574 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50575 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50576 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50577 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50578 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50579 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50580 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50581 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50582 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52923 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53365 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53500 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53533 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53534 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53539 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53541 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53542 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53546 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53547 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53548 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53551 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53552 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53553 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53554 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53556 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53557 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53559 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53560 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53562 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53564 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53566 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53567 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53568 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53571 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53572 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53574 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53578 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53579 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53580 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53581 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53582 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53587 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53589 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53589/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53592 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53594 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53597 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53598 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53601 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53603 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53604 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53605 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53607 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53607/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53608 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53611 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53612 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53612/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53615 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53616 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53617 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53619 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53625 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53626 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53631 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53637 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53639 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53640 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53641 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53644 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53644/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53648 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53650 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53651 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53658 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53659 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53662 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53667 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53668 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53670 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53673 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53674 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53675 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53679 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53681 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53683 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53687 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53692 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53693 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53695 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53696 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53697 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53700 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53704 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53705 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53707 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53708 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53709 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53711 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53715 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53716 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53717 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53718 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53719 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53722 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53723 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53724 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53725 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53726 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53730 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7324 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38084 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38085 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38476 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39945 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39965 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39967 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40044/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-11-20T15:41:46Z",
"generator": {
"date": "2025-11-20T15:41:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4149-1",
"initial_release_date": "2025-11-20T15:41:46Z",
"revision_history": [
{
"date": "2025-11-20T15:41:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"product": {
"name": "kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"product_id": "kernel-devel-rt-5.14.21-150500.13.112.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.14.21-150500.13.112.1.noarch",
"product": {
"name": "kernel-source-rt-5.14.21-150500.13.112.1.noarch",
"product_id": "kernel-source-rt-5.14.21-150500.13.112.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product_id": "cluster-md-kmp-rt-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "dlm-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product_id": "dlm-kmp-rt-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product_id": "gfs2-kmp-rt-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt-devel-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt-devel-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt-extra-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt-extra-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt-livepatch-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt-optional-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt-optional-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt-vdso-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt-vdso-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt_debug-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt_debug-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt_debug-devel-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-rt_debug-vdso-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kernel-syms-rt-5.14.21-150500.13.112.1.x86_64",
"product_id": "kernel-syms-rt-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product_id": "kselftests-kmp-rt-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product_id": "ocfs2-kmp-rt-5.14.21-150500.13.112.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.14.21-150500.13.112.1.x86_64",
"product_id": "reiserfs-kmp-rt-5.14.21-150500.13.112.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.14.21-150500.13.112.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch"
},
"product_reference": "kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.14.21-150500.13.112.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64"
},
"product_reference": "kernel-rt-5.14.21-150500.13.112.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.14.21-150500.13.112.1.noarch as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
},
"product_reference": "kernel-source-rt-5.14.21-150500.13.112.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-43945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-43945"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-43945",
"url": "https://www.suse.com/security/cve/CVE-2022-43945"
},
{
"category": "external",
"summary": "SUSE Bug 1205128 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205128"
},
{
"category": "external",
"summary": "SUSE Bug 1205130 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1205130"
},
{
"category": "external",
"summary": "SUSE Bug 1208030 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208030"
},
{
"category": "external",
"summary": "SUSE Bug 1208085 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1208085"
},
{
"category": "external",
"summary": "SUSE Bug 1209225 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1209225"
},
{
"category": "external",
"summary": "SUSE Bug 1210124 for CVE-2022-43945",
"url": "https://bugzilla.suse.com/1210124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2022-43945"
},
{
"cve": "CVE-2022-50327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50327"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: processor: idle: Check acpi_fetch_acpi_dev() return value\n\nThe return value of acpi_fetch_acpi_dev() could be NULL, which would\ncause a NULL pointer dereference to occur in acpi_device_hid().\n\n[ rjw: Subject and changelog edits, added empty line after if () ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50327",
"url": "https://www.suse.com/security/cve/CVE-2022-50327"
},
{
"category": "external",
"summary": "SUSE Bug 1249859 for CVE-2022-50327",
"url": "https://bugzilla.suse.com/1249859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2022-50327"
},
{
"cve": "CVE-2022-50334",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50334"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()\n\nSyzkaller reports a null-ptr-deref bug as follows:\n======================================================\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nRIP: 0010:hugetlbfs_parse_param+0x1dd/0x8e0 fs/hugetlbfs/inode.c:1380\n[...]\nCall Trace:\n \u003cTASK\u003e\n vfs_parse_fs_param fs/fs_context.c:148 [inline]\n vfs_parse_fs_param+0x1f9/0x3c0 fs/fs_context.c:129\n vfs_parse_fs_string+0xdb/0x170 fs/fs_context.c:191\n generic_parse_monolithic+0x16f/0x1f0 fs/fs_context.c:231\n do_new_mount fs/namespace.c:3036 [inline]\n path_mount+0x12de/0x1e20 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __x64_sys_mount+0x27f/0x300 fs/namespace.c:3568\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n [...]\n \u003c/TASK\u003e\n======================================================\n\nAccording to commit \"vfs: parse: deal with zero length string value\",\nkernel will set the param-\u003estring to null pointer in vfs_parse_fs_string()\nif fs string has zero length.\n\nYet the problem is that, hugetlbfs_parse_param() will dereference the\nparam-\u003estring, without checking whether it is a null pointer. To be more\nspecific, if hugetlbfs_parse_param() parses an illegal mount parameter,\nsuch as \"size=,\", kernel will constructs struct fs_parameter with null\npointer in vfs_parse_fs_string(), then passes this struct fs_parameter to\nhugetlbfs_parse_param(), which triggers the above null-ptr-deref bug.\n\nThis patch solves it by adding sanity check on param-\u003estring\nin hugetlbfs_parse_param().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50334",
"url": "https://www.suse.com/security/cve/CVE-2022-50334"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2022-50334",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1249857 for CVE-2022-50334",
"url": "https://bugzilla.suse.com/1249857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2022-50334"
},
{
"cve": "CVE-2022-50470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Remove device endpoints from bandwidth list when freeing the device\n\nEndpoints are normally deleted from the bandwidth list when they are\ndropped, before the virt device is freed.\n\nIf xHC host is dying or being removed then the endpoints aren\u0027t dropped\ncleanly due to functions returning early to avoid interacting with a\nnon-accessible host controller.\n\nSo check and delete endpoints that are still on the bandwidth list when\nfreeing the virt device.\n\nSolves a list_del corruption kernel crash when unbinding xhci-pci,\ncaused by xhci_mem_cleanup() when it later tried to delete already freed\nendpoints from the bandwidth list.\n\nThis only affects hosts that use software bandwidth checking, which\ncurrenty is only the xHC in intel Panther Point PCH (Ivy Bridge)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50470",
"url": "https://www.suse.com/security/cve/CVE-2022-50470"
},
{
"category": "external",
"summary": "SUSE Bug 1251202 for CVE-2022-50470",
"url": "https://bugzilla.suse.com/1251202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50470"
},
{
"cve": "CVE-2022-50471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50471"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/gntdev: Accommodate VMA splitting\n\nPrior to this commit, the gntdev driver code did not handle the\nfollowing scenario correctly with paravirtualized (PV) Xen domains:\n\n* User process sets up a gntdev mapping composed of two grant mappings\n (i.e., two pages shared by another Xen domain).\n* User process munmap()s one of the pages.\n* User process munmap()s the remaining page.\n* User process exits.\n\nIn the scenario above, the user process would cause the kernel to log\nthe following messages in dmesg for the first munmap(), and the second\nmunmap() call would result in similar log messages:\n\n BUG: Bad page map in process doublemap.test pte:... pmd:...\n page:0000000057c97bff refcount:1 mapcount:-1 \\\n mapping:0000000000000000 index:0x0 pfn:...\n ...\n page dumped because: bad pte\n ...\n file:gntdev fault:0x0 mmap:gntdev_mmap [xen_gntdev] readpage:0x0\n ...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x46/0x5e\n print_bad_pte.cold+0x66/0xb6\n unmap_page_range+0x7e5/0xdc0\n unmap_vmas+0x78/0xf0\n unmap_region+0xa8/0x110\n __do_munmap+0x1ea/0x4e0\n __vm_munmap+0x75/0x120\n __x64_sys_munmap+0x28/0x40\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\n ...\n\nFor each munmap() call, the Xen hypervisor (if built with CONFIG_DEBUG)\nwould print out the following and trigger a general protection fault in\nthe affected Xen PV domain:\n\n (XEN) d0v... Attempt to implicitly unmap d0\u0027s grant PTE ...\n (XEN) d0v... Attempt to implicitly unmap d0\u0027s grant PTE ...\n\nAs of this writing, gntdev_grant_map structure\u0027s vma field (referred to\nas map-\u003evma below) is mainly used for checking the start and end\naddresses of mappings. However, with split VMAs, these may change, and\nthere could be more than one VMA associated with a gntdev mapping.\nHence, remove the use of map-\u003evma and rely on map-\u003epages_vm_start for\nthe original start address and on (map-\u003ecount \u003c\u003c PAGE_SHIFT) for the\noriginal mapping size. Let the invalidate() and find_special_page()\nhooks use these.\n\nAlso, given that there can be multiple VMAs associated with a gntdev\nmapping, move the \"mmu_interval_notifier_remove(\u0026map-\u003enotifier)\" call to\nthe end of gntdev_put_map, so that the MMU notifier is only removed\nafter the closing of the last remaining VMA.\n\nFinally, use an atomic to prevent inadvertent gntdev mapping re-use,\ninstead of using the map-\u003elive_grants atomic counter and/or the map-\u003evma\npointer (the latter of which is now removed). This prevents the\nuserspace from mmap()\u0027ing (with MAP_FIXED) a gntdev mapping over the\nsame address range as a previously set up gntdev mapping. This scenario\ncan be summarized with the following call-trace, which was valid prior\nto this commit:\n\n mmap\n gntdev_mmap\n mmap (repeat mmap with MAP_FIXED over the same address range)\n gntdev_invalidate\n unmap_grant_pages (sets \u0027being_removed\u0027 entries to true)\n gnttab_unmap_refs_async\n unmap_single_vma\n gntdev_mmap (maps the shared pages again)\n munmap\n gntdev_invalidate\n unmap_grant_pages\n (no-op because \u0027being_removed\u0027 entries are true)\n unmap_single_vma (For PV domains, Xen reports that a granted page\n is being unmapped and triggers a general protection fault in the\n affected domain, if Xen was built with CONFIG_DEBUG)\n\nThe fix for this last scenario could be worth its own commit, but we\nopted for a single commit, because removing the gntdev_grant_map\nstructure\u0027s vma field requires guarding the entry to gntdev_mmap(), and\nthe live_grants atomic counter is not sufficient on its own to prevent\nthe mmap() over a pre-existing mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50471",
"url": "https://www.suse.com/security/cve/CVE-2022-50471"
},
{
"category": "external",
"summary": "SUSE Bug 1251110 for CVE-2022-50471",
"url": "https://bugzilla.suse.com/1251110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50471"
},
{
"cve": "CVE-2022-50472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mad: Don\u0027t call to function that might sleep while in atomic context\n\nTracepoints are not allowed to sleep, as such the following splat is\ngenerated due to call to ib_query_pkey() in atomic context.\n\nWARNING: CPU: 0 PID: 1888000 at kernel/trace/ring_buffer.c:2492 rb_commit+0xc1/0x220\nCPU: 0 PID: 1888000 Comm: kworker/u9:0 Kdump: loaded Tainted: G OE --------- - - 4.18.0-305.3.1.el8.x86_64 #1\n Hardware name: Red Hat KVM, BIOS 1.13.0-2.module_el8.3.0+555+a55c8938 04/01/2014\n Workqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\n RIP: 0010:rb_commit+0xc1/0x220\n RSP: 0000:ffffa8ac80f9bca0 EFLAGS: 00010202\n RAX: ffff8951c7c01300 RBX: ffff8951c7c14a00 RCX: 0000000000000246\n RDX: ffff8951c707c000 RSI: ffff8951c707c57c RDI: ffff8951c7c14a00\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff8951c7c01300 R11: 0000000000000001 R12: 0000000000000246\n R13: 0000000000000000 R14: ffffffff964c70c0 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8951fbc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f20e8f39010 CR3: 000000002ca10005 CR4: 0000000000170ef0\n Call Trace:\n ring_buffer_unlock_commit+0x1d/0xa0\n trace_buffer_unlock_commit_regs+0x3b/0x1b0\n trace_event_buffer_commit+0x67/0x1d0\n trace_event_raw_event_ib_mad_recv_done_handler+0x11c/0x160 [ib_core]\n ib_mad_recv_done+0x48b/0xc10 [ib_core]\n ? trace_event_raw_event_cq_poll+0x6f/0xb0 [ib_core]\n __ib_process_cq+0x91/0x1c0 [ib_core]\n ib_cq_poll_work+0x26/0x80 [ib_core]\n process_one_work+0x1a7/0x360\n ? create_worker+0x1a0/0x1a0\n worker_thread+0x30/0x390\n ? create_worker+0x1a0/0x1a0\n kthread+0x116/0x130\n ? kthread_flush_work_fn+0x10/0x10\n ret_from_fork+0x35/0x40\n ---[ end trace 78ba8509d3830a16 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50472",
"url": "https://www.suse.com/security/cve/CVE-2022-50472"
},
{
"category": "external",
"summary": "SUSE Bug 1251101 for CVE-2022-50472",
"url": "https://bugzilla.suse.com/1251101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50472"
},
{
"cve": "CVE-2022-50475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50475"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Make sure \"ib_port\" is valid when access sysfs node\n\nThe \"ib_port\" structure must be set before adding the sysfs kobject,\nand reset after removing it, otherwise it may crash when accessing\nthe sysfs node:\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000050\n Mem abort info:\n ESR = 0x96000006\n Exception class = DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n Data abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp = 00000000e85f5ba5\n [0000000000000050] pgd=0000000848fd9003, pud=000000085b387003, pmd=0000000000000000\n Internal error: Oops: 96000006 [#2] PREEMPT SMP\n Modules linked in: ib_umad(O) mlx5_ib(O) nfnetlink_cttimeout(E) nfnetlink(E) act_gact(E) cls_flower(E) sch_ingress(E) openvswitch(E) nsh(E) nf_nat_ipv6(E) nf_nat_ipv4(E) nf_conncount(E) nf_nat(E) nf_conntrack(E) nf_defrag_ipv6(E) nf_defrag_ipv4(E) mst_pciconf(O) ipmi_devintf(E) ipmi_msghandler(E) ipmb_dev_int(OE) mlx5_core(O) mlxfw(O) mlxdevm(O) auxiliary(O) ib_uverbs(O) ib_core(O) mlx_compat(O) psample(E) sbsa_gwdt(E) uio_pdrv_genirq(E) uio(E) mlxbf_pmc(OE) mlxbf_gige(OE) mlxbf_tmfifo(OE) gpio_mlxbf2(OE) pwr_mlxbf(OE) mlx_trio(OE) i2c_mlxbf(OE) mlx_bootctl(OE) bluefield_edac(OE) knem(O) ip_tables(E) ipv6(E) crc_ccitt(E) [last unloaded: mst_pci]\n Process grep (pid: 3372, stack limit = 0x0000000022055c92)\n CPU: 5 PID: 3372 Comm: grep Tainted: G D OE 4.19.161-mlnx.47.gadcd9e3 #1\n Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS BlueField:3.9.2-15-ga2403ab Sep 8 2022\n pstate: 40000005 (nZcv daif -PAN -UAO)\n pc : hw_stat_port_show+0x4c/0x80 [ib_core]\n lr : port_attr_show+0x40/0x58 [ib_core]\n sp : ffff000029f43b50\n x29: ffff000029f43b50 x28: 0000000019375000\n x27: ffff8007b821a540 x26: ffff000029f43e30\n x25: 0000000000008000 x24: ffff000000eaa958\n x23: 0000000000001000 x22: ffff8007a4ce3000\n x21: ffff8007baff8000 x20: ffff8007b9066ac0\n x19: ffff8007bae97578 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000\n x15: 0000000000000000 x14: 0000000000000000\n x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000\n x9 : 0000000000000000 x8 : ffff8007a4ce4000\n x7 : 0000000000000000 x6 : 000000000000003f\n x5 : ffff000000e6a280 x4 : ffff8007a4ce3000\n x3 : 0000000000000000 x2 : aaaaaaaaaaaaaaab\n x1 : ffff8007b9066a10 x0 : ffff8007baff8000\n Call trace:\n hw_stat_port_show+0x4c/0x80 [ib_core]\n port_attr_show+0x40/0x58 [ib_core]\n sysfs_kf_seq_show+0x8c/0x150\n kernfs_seq_show+0x44/0x50\n seq_read+0x1b4/0x45c\n kernfs_fop_read+0x148/0x1d8\n __vfs_read+0x58/0x180\n vfs_read+0x94/0x154\n ksys_read+0x68/0xd8\n __arm64_sys_read+0x28/0x34\n el0_svc_common+0x88/0x18c\n el0_svc_handler+0x78/0x94\n el0_svc+0x8/0xe8\n Code: f2955562 aa1603e4 aa1503e0 f9405683 (f9402861)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50475",
"url": "https://www.suse.com/security/cve/CVE-2022-50475"
},
{
"category": "external",
"summary": "SUSE Bug 1251104 for CVE-2022-50475",
"url": "https://bugzilla.suse.com/1251104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50475"
},
{
"cve": "CVE-2022-50478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()\n\nPatch series \"nilfs2: fix UBSAN shift-out-of-bounds warnings on mount\ntime\".\n\nThe first patch fixes a bug reported by syzbot, and the second one fixes\nthe remaining bug of the same kind. Although they are triggered by the\nsame super block data anomaly, I divided it into the above two because the\ndetails of the issues and how to fix it are different.\n\nBoth are required to eliminate the shift-out-of-bounds issues at mount\ntime.\n\n\nThis patch (of 2):\n\nIf the block size exponent information written in an on-disk superblock is\ncorrupted, nilfs_sb2_bad_offset helper function can trigger\nshift-out-of-bounds warning followed by a kernel panic (if panic_on_warn\nis set):\n\n shift exponent 38983 is too large for 64-bit type \u0027unsigned long long\u0027\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:151 [inline]\n __ubsan_handle_shift_out_of_bounds+0x33d/0x3b0 lib/ubsan.c:322\n nilfs_sb2_bad_offset fs/nilfs2/the_nilfs.c:449 [inline]\n nilfs_load_super_block+0xdf5/0xe00 fs/nilfs2/the_nilfs.c:523\n init_nilfs+0xb7/0x7d0 fs/nilfs2/the_nilfs.c:577\n nilfs_fill_super+0xb1/0x5d0 fs/nilfs2/super.c:1047\n nilfs_mount+0x613/0x9b0 fs/nilfs2/super.c:1317\n ...\n\nIn addition, since nilfs_sb2_bad_offset() performs multiplication without\nconsidering the upper bound, the computation may overflow if the disk\nlayout parameters are not normal.\n\nThis fixes these issues by inserting preliminary sanity checks for those\nparameters and by converting the comparison from one involving\nmultiplication and left bit-shifting to one using division and right\nbit-shifting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50478",
"url": "https://www.suse.com/security/cve/CVE-2022-50478"
},
{
"category": "external",
"summary": "SUSE Bug 1251200 for CVE-2022-50478",
"url": "https://bugzilla.suse.com/1251200"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50478"
},
{
"cve": "CVE-2022-50479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50479"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: fix potential memory leak\n\nThis patch fix potential memory leak (clk_src) when function run\ninto last return NULL.\n\ns/free/kfree/ - Alex",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50479",
"url": "https://www.suse.com/security/cve/CVE-2022-50479"
},
{
"category": "external",
"summary": "SUSE Bug 1251037 for CVE-2022-50479",
"url": "https://bugzilla.suse.com/1251037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2022-50479"
},
{
"cve": "CVE-2022-50480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()\n\nThe break of for_each_available_child_of_node() needs a\ncorresponding of_node_put() when the reference \u0027child\u0027 is not\nused anymore. Here we do not need to call of_node_put() in\nfail path as \u0027!match\u0027 means no break.\n\nWhile the of_platform_device_create() will created a new\nreference by \u0027child\u0027 but it has considered the refcounting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50480",
"url": "https://www.suse.com/security/cve/CVE-2022-50480"
},
{
"category": "external",
"summary": "SUSE Bug 1251047 for CVE-2022-50480",
"url": "https://bugzilla.suse.com/1251047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2022-50480"
},
{
"cve": "CVE-2022-50482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50482"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Clean up si_domain in the init_dmars() error path\n\nA splat from kmem_cache_destroy() was seen with a kernel prior to\ncommit ee2653bbe89d (\"iommu/vt-d: Remove domain and devinfo mempool\")\nwhen there was a failure in init_dmars(), because the iommu_domain\ncache still had objects. While the mempool code is now gone, there\nstill is a leak of the si_domain memory if init_dmars() fails. So\nclean up si_domain in the init_dmars() error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50482",
"url": "https://www.suse.com/security/cve/CVE-2022-50482"
},
{
"category": "external",
"summary": "SUSE Bug 1251133 for CVE-2022-50482",
"url": "https://bugzilla.suse.com/1251133"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50482"
},
{
"cve": "CVE-2022-50484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50484"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix potential memory leaks\n\nWhen the driver hits -ENOMEM at allocating a URB or a buffer, it\naborts and goes to the error path that releases the all previously\nallocated resources. However, when -ENOMEM hits at the middle of the\nsync EP URB allocation loop, the partially allocated URBs might be\nleft without released, because ep-\u003enurbs is still zero at that point.\n\nFix it by setting ep-\u003enurbs at first, so that the error handler loops\nover the full URB list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50484",
"url": "https://www.suse.com/security/cve/CVE-2022-50484"
},
{
"category": "external",
"summary": "SUSE Bug 1251115 for CVE-2022-50484",
"url": "https://bugzilla.suse.com/1251115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50484"
},
{
"cve": "CVE-2022-50485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50485"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add EXT4_IGET_BAD flag to prevent unexpected bad inode\n\nThere are many places that will get unhappy (and crash) when ext4_iget()\nreturns a bad inode. However, if iget the boot loader inode, allows a bad\ninode to be returned, because the inode may not be initialized. This\nmechanism can be used to bypass some checks and cause panic. To solve this\nproblem, we add a special iget flag EXT4_IGET_BAD. Only with this flag\nwe\u0027d be returning bad inode from ext4_iget(), otherwise we always return\nthe error code if the inode is bad inode.(suggested by Jan Kara)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50485",
"url": "https://www.suse.com/security/cve/CVE-2022-50485"
},
{
"category": "external",
"summary": "SUSE Bug 1251197 for CVE-2022-50485",
"url": "https://bugzilla.suse.com/1251197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50485"
},
{
"cve": "CVE-2022-50487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50487"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50487",
"url": "https://www.suse.com/security/cve/CVE-2022-50487"
},
{
"category": "external",
"summary": "SUSE Bug 1251208 for CVE-2022-50487",
"url": "https://bugzilla.suse.com/1251208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2022-50487"
},
{
"cve": "CVE-2022-50488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix possible uaf for \u0027bfqq-\u003ebic\u0027\n\nOur test report a uaf for \u0027bfqq-\u003ebic\u0027 in 5.10:\n\n==================================================================\nBUG: KASAN: use-after-free in bfq_select_queue+0x378/0xa30\n\nCPU: 6 PID: 2318352 Comm: fsstress Kdump: loaded Not tainted 5.10.0-60.18.0.50.h602.kasan.eulerosv2r11.x86_64 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58-20220320_160524-szxrtosci10000 04/01/2014\nCall Trace:\n bfq_select_queue+0x378/0xa30\n bfq_dispatch_request+0xe8/0x130\n blk_mq_do_dispatch_sched+0x62/0xb0\n __blk_mq_sched_dispatch_requests+0x215/0x2a0\n blk_mq_sched_dispatch_requests+0x8f/0xd0\n __blk_mq_run_hw_queue+0x98/0x180\n __blk_mq_delay_run_hw_queue+0x22b/0x240\n blk_mq_run_hw_queue+0xe3/0x190\n blk_mq_sched_insert_requests+0x107/0x200\n blk_mq_flush_plug_list+0x26e/0x3c0\n blk_finish_plug+0x63/0x90\n __iomap_dio_rw+0x7b5/0x910\n iomap_dio_rw+0x36/0x80\n ext4_dio_read_iter+0x146/0x190 [ext4]\n ext4_file_read_iter+0x1e2/0x230 [ext4]\n new_sync_read+0x29f/0x400\n vfs_read+0x24e/0x2d0\n ksys_read+0xd5/0x1b0\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nCommit 3bc5e683c67d (\"bfq: Split shared queues on move between cgroups\")\nchanges that move process to a new cgroup will allocate a new bfqq to\nuse, however, the old bfqq and new bfqq can point to the same bic:\n\n1) Initial state, two process with io in the same cgroup.\n\nProcess 1 Process 2\n (BIC1) (BIC2)\n | ^ | ^\n | | | |\n V | V |\n bfqq1 bfqq2\n\n2) bfqq1 is merged to bfqq2.\n\nProcess 1 Process 2\n (BIC1) (BIC2)\n | |\n \\-------------\\|\n V\n bfqq1 bfqq2(coop)\n\n3) Process 1 exit, then issue new io(denoce IOA) from Process 2.\n\n (BIC2)\n | ^\n | |\n V |\n bfqq2(coop)\n\n4) Before IOA is completed, move Process 2 to another cgroup and issue io.\n\nProcess 2\n (BIC2)\n ^\n |\\--------------\\\n | V\n bfqq2 bfqq3\n\nNow that BIC2 points to bfqq3, while bfqq2 and bfqq3 both point to BIC2.\nIf all the requests are completed, and Process 2 exit, BIC2 will be\nfreed while there is no guarantee that bfqq2 will be freed before BIC2.\n\nFix the problem by clearing bfqq-\u003ebic while bfqq is detached from bic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50488",
"url": "https://www.suse.com/security/cve/CVE-2022-50488"
},
{
"category": "external",
"summary": "SUSE Bug 1251201 for CVE-2022-50488",
"url": "https://bugzilla.suse.com/1251201"
},
{
"category": "external",
"summary": "SUSE Bug 1251204 for CVE-2022-50488",
"url": "https://bugzilla.suse.com/1251204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2022-50488"
},
{
"cve": "CVE-2022-50489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50489"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mipi-dsi: Detach devices when removing the host\n\nWhenever the MIPI-DSI host is unregistered, the code of\nmipi_dsi_host_unregister() loops over every device currently found on that\nbus and will unregister it.\n\nHowever, it doesn\u0027t detach it from the bus first, which leads to all kind\nof resource leaks if the host wants to perform some clean up whenever a\ndevice is detached.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50489",
"url": "https://www.suse.com/security/cve/CVE-2022-50489"
},
{
"category": "external",
"summary": "SUSE Bug 1251169 for CVE-2022-50489",
"url": "https://bugzilla.suse.com/1251169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2022-50489"
},
{
"cve": "CVE-2022-50490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Propagate error from htab_lock_bucket() to userspace\n\nIn __htab_map_lookup_and_delete_batch() if htab_lock_bucket() returns\n-EBUSY, it will go to next bucket. Going to next bucket may not only\nskip the elements in current bucket silently, but also incur\nout-of-bound memory access or expose kernel memory to userspace if\ncurrent bucket_cnt is greater than bucket_size or zero.\n\nFixing it by stopping batch operation and returning -EBUSY when\nhtab_lock_bucket() fails, and the application can retry or skip the busy\nbatch as needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50490",
"url": "https://www.suse.com/security/cve/CVE-2022-50490"
},
{
"category": "external",
"summary": "SUSE Bug 1251164 for CVE-2022-50490",
"url": "https://bugzilla.suse.com/1251164"
},
{
"category": "external",
"summary": "SUSE Bug 1251165 for CVE-2022-50490",
"url": "https://bugzilla.suse.com/1251165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2022-50490"
},
{
"cve": "CVE-2022-50492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: fix use-after-free on probe deferral\n\nThe bridge counter was never reset when tearing down the DRM device so\nthat stale pointers to deallocated structures would be accessed on the\nnext tear down (e.g. after a second late bind deferral).\n\nGiven enough bridges and a few probe deferrals this could currently also\nlead to data beyond the bridge array being corrupted.\n\nPatchwork: https://patchwork.freedesktop.org/patch/502665/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50492",
"url": "https://www.suse.com/security/cve/CVE-2022-50492"
},
{
"category": "external",
"summary": "SUSE Bug 1251087 for CVE-2022-50492",
"url": "https://bugzilla.suse.com/1251087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50492"
},
{
"cve": "CVE-2022-50493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50493"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix crash when I/O abort times out\n\nWhile performing CPU hotplug, a crash with the following stack was seen:\n\nCall Trace:\n qla24xx_process_response_queue+0x42a/0x970 [qla2xxx]\n qla2x00_start_nvme_mq+0x3a2/0x4b0 [qla2xxx]\n qla_nvme_post_cmd+0x166/0x240 [qla2xxx]\n nvme_fc_start_fcp_op.part.0+0x119/0x2e0 [nvme_fc]\n blk_mq_dispatch_rq_list+0x17b/0x610\n __blk_mq_sched_dispatch_requests+0xb0/0x140\n blk_mq_sched_dispatch_requests+0x30/0x60\n __blk_mq_run_hw_queue+0x35/0x90\n __blk_mq_delay_run_hw_queue+0x161/0x180\n blk_execute_rq+0xbe/0x160\n __nvme_submit_sync_cmd+0x16f/0x220 [nvme_core]\n nvmf_connect_admin_queue+0x11a/0x170 [nvme_fabrics]\n nvme_fc_create_association.cold+0x50/0x3dc [nvme_fc]\n nvme_fc_connect_ctrl_work+0x19/0x30 [nvme_fc]\n process_one_work+0x1e8/0x3c0\n\nOn abort timeout, completion was called without checking if the I/O was\nalready completed.\n\nVerify that I/O and abort request are indeed outstanding before attempting\ncompletion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50493",
"url": "https://www.suse.com/security/cve/CVE-2022-50493"
},
{
"category": "external",
"summary": "SUSE Bug 1251088 for CVE-2022-50493",
"url": "https://bugzilla.suse.com/1251088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50493"
},
{
"cve": "CVE-2022-50494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50494"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash\n\nWhen CPU 0 is offline and intel_powerclamp is used to inject\nidle, it generates kernel BUG:\n\nBUG: using smp_processor_id() in preemptible [00000000] code: bash/15687\ncaller is debug_smp_processor_id+0x17/0x20\nCPU: 4 PID: 15687 Comm: bash Not tainted 5.19.0-rc7+ #57\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x49/0x63\ndump_stack+0x10/0x16\ncheck_preemption_disabled+0xdd/0xe0\ndebug_smp_processor_id+0x17/0x20\npowerclamp_set_cur_state+0x7f/0xf9 [intel_powerclamp]\n...\n...\n\nHere CPU 0 is the control CPU by default and changed to the current CPU,\nif CPU 0 offlined. This check has to be performed under cpus_read_lock(),\nhence the above warning.\n\nUse get_cpu() instead of smp_processor_id() to avoid this BUG.\n\n[ rjw: Subject edits ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50494",
"url": "https://www.suse.com/security/cve/CVE-2022-50494"
},
{
"category": "external",
"summary": "SUSE Bug 1251173 for CVE-2022-50494",
"url": "https://bugzilla.suse.com/1251173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50494"
},
{
"cve": "CVE-2022-50496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: Fix UAF in destroy()\n\nDm_cache also has the same UAF problem when dm_resume()\nand dm_destroy() are concurrent.\n\nTherefore, cancelling timer again in destroy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50496",
"url": "https://www.suse.com/security/cve/CVE-2022-50496"
},
{
"category": "external",
"summary": "SUSE Bug 1251091 for CVE-2022-50496",
"url": "https://bugzilla.suse.com/1251091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50496"
},
{
"cve": "CVE-2022-50497",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50497"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinfmt_misc: fix shift-out-of-bounds in check_special_flags\n\nUBSAN reported a shift-out-of-bounds warning:\n\n left shift of 1 by 31 places cannot be represented in type \u0027int\u0027\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106\n ubsan_epilogue+0xa/0x44 lib/ubsan.c:151\n __ubsan_handle_shift_out_of_bounds+0x1e7/0x208 lib/ubsan.c:322\n check_special_flags fs/binfmt_misc.c:241 [inline]\n create_entry fs/binfmt_misc.c:456 [inline]\n bm_register_write+0x9d3/0xa20 fs/binfmt_misc.c:654\n vfs_write+0x11e/0x580 fs/read_write.c:582\n ksys_write+0xcf/0x120 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x34/0x80 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x4194e1\n\nSince the type of Node\u0027s flags is unsigned long, we should define these\nmacros with same type too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50497",
"url": "https://www.suse.com/security/cve/CVE-2022-50497"
},
{
"category": "external",
"summary": "SUSE Bug 1251223 for CVE-2022-50497",
"url": "https://bugzilla.suse.com/1251223"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50497"
},
{
"cve": "CVE-2022-50498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50498"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: alx: take rtnl_lock on resume\n\nZbynek reports that alx trips an rtnl assertion on resume:\n\n RTNL: assertion failed at net/core/dev.c (2891)\n RIP: 0010:netif_set_real_num_tx_queues+0x1ac/0x1c0\n Call Trace:\n \u003cTASK\u003e\n __alx_open+0x230/0x570 [alx]\n alx_resume+0x54/0x80 [alx]\n ? pci_legacy_resume+0x80/0x80\n dpm_run_callback+0x4a/0x150\n device_resume+0x8b/0x190\n async_resume+0x19/0x30\n async_run_entry_fn+0x30/0x130\n process_one_work+0x1e5/0x3b0\n\nindeed the driver does not hold rtnl_lock during its internal close\nand re-open functions during suspend/resume. Note that this is not\na huge bug as the driver implements its own locking, and does not\nimplement changing the number of queues, but we need to silence\nthe splat.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50498",
"url": "https://www.suse.com/security/cve/CVE-2022-50498"
},
{
"category": "external",
"summary": "SUSE Bug 1251092 for CVE-2022-50498",
"url": "https://bugzilla.suse.com/1251092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50498"
},
{
"cve": "CVE-2022-50499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-core: Fix double free in dvb_register_device()\n\nIn function dvb_register_device() -\u003e dvb_register_media_device() -\u003e\ndvb_create_media_entity(), dvb-\u003eentity is allocated and initialized. If\nthe initialization fails, it frees the dvb-\u003eentity, and return an error\ncode. The caller takes the error code and handles the error by calling\ndvb_media_device_free(), which unregisters the entity and frees the\nfield again if it is not NULL. As dvb-\u003eentity may not NULLed in\ndvb_create_media_entity() when the allocation of dvbdev-\u003epad fails, a\ndouble free may occur. This may also cause an Use After free in\nmedia_device_unregister_entity().\n\nFix this by storing NULL to dvb-\u003eentity when it is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50499",
"url": "https://www.suse.com/security/cve/CVE-2022-50499"
},
{
"category": "external",
"summary": "SUSE Bug 1251093 for CVE-2022-50499",
"url": "https://bugzilla.suse.com/1251093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2022-50499"
},
{
"cve": "CVE-2022-50501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50501"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: coda: Add check for dcoda_iram_alloc\n\nAs the coda_iram_alloc may return NULL pointer,\nit should be better to check the return value\nin order to avoid NULL poineter dereference,\nsame as the others.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50501",
"url": "https://www.suse.com/security/cve/CVE-2022-50501"
},
{
"category": "external",
"summary": "SUSE Bug 1251099 for CVE-2022-50501",
"url": "https://bugzilla.suse.com/1251099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50501"
},
{
"cve": "CVE-2022-50503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: lpddr2_nvm: Fix possible null-ptr-deref\n\nIt will cause null-ptr-deref when resource_size(add_range) invoked,\nif platform_get_resource() returns NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50503",
"url": "https://www.suse.com/security/cve/CVE-2022-50503"
},
{
"category": "external",
"summary": "SUSE Bug 1251097 for CVE-2022-50503",
"url": "https://bugzilla.suse.com/1251097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50503"
},
{
"cve": "CVE-2022-50504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50504"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/rtas: avoid scheduling in rtas_os_term()\n\nIt\u0027s unsafe to use rtas_busy_delay() to handle a busy status from\nthe ibm,os-term RTAS function in rtas_os_term():\n\nKernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b\nBUG: sleeping function called from invalid context at arch/powerpc/kernel/rtas.c:618\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 1, name: swapper/0\npreempt_count: 2, expected: 0\nCPU: 7 PID: 1 Comm: swapper/0 Tainted: G D 6.0.0-rc5-02182-gf8553a572277-dirty #9\nCall Trace:\n[c000000007b8f000] [c000000001337110] dump_stack_lvl+0xb4/0x110 (unreliable)\n[c000000007b8f040] [c0000000002440e4] __might_resched+0x394/0x3c0\n[c000000007b8f0e0] [c00000000004f680] rtas_busy_delay+0x120/0x1b0\n[c000000007b8f100] [c000000000052d04] rtas_os_term+0xb8/0xf4\n[c000000007b8f180] [c0000000001150fc] pseries_panic+0x50/0x68\n[c000000007b8f1f0] [c000000000036354] ppc_panic_platform_handler+0x34/0x50\n[c000000007b8f210] [c0000000002303c4] notifier_call_chain+0xd4/0x1c0\n[c000000007b8f2b0] [c0000000002306cc] atomic_notifier_call_chain+0xac/0x1c0\n[c000000007b8f2f0] [c0000000001d62b8] panic+0x228/0x4d0\n[c000000007b8f390] [c0000000001e573c] do_exit+0x140c/0x1420\n[c000000007b8f480] [c0000000001e586c] make_task_dead+0xdc/0x200\n\nUse rtas_busy_delay_time() instead, which signals without side effects\nwhether to attempt the ibm,os-term RTAS call again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50504",
"url": "https://www.suse.com/security/cve/CVE-2022-50504"
},
{
"category": "external",
"summary": "SUSE Bug 1251182 for CVE-2022-50504",
"url": "https://bugzilla.suse.com/1251182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50504"
},
{
"cve": "CVE-2022-50505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50505"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix pci device refcount leak in ppr_notifier()\n\nAs comment of pci_get_domain_bus_and_slot() says, it returns\na pci device with refcount increment, when finish using it,\nthe caller must decrement the reference count by calling\npci_dev_put(). So call it before returning from ppr_notifier()\nto avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50505",
"url": "https://www.suse.com/security/cve/CVE-2022-50505"
},
{
"category": "external",
"summary": "SUSE Bug 1251086 for CVE-2022-50505",
"url": "https://bugzilla.suse.com/1251086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50505"
},
{
"cve": "CVE-2022-50509",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50509"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: coda: Add check for kmalloc\n\nAs the kmalloc may return NULL pointer,\nit should be better to check the return value\nin order to avoid NULL poineter dereference,\nsame as the others.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50509",
"url": "https://www.suse.com/security/cve/CVE-2022-50509"
},
{
"category": "external",
"summary": "SUSE Bug 1251522 for CVE-2022-50509",
"url": "https://bugzilla.suse.com/1251522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50509"
},
{
"cve": "CVE-2022-50511",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50511"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/fonts: fix undefined behavior in bit shift for get_default_font\n\nShifting signed 32-bit value by 31 bits is undefined, so changing\nsignificant bit to unsigned. The UBSAN warning calltrace like below:\n\nUBSAN: shift-out-of-bounds in lib/fonts/fonts.c:139:20\nleft shift of 1 by 31 places cannot be represented in type \u0027int\u0027\n \u003cTASK\u003e\n dump_stack_lvl+0x7d/0xa5\n dump_stack+0x15/0x1b\n ubsan_epilogue+0xe/0x4e\n __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c\n get_default_font+0x1c7/0x1f0\n fbcon_startup+0x347/0x3a0\n do_take_over_console+0xce/0x270\n do_fbcon_takeover+0xa1/0x170\n do_fb_registered+0x2a8/0x340\n fbcon_fb_registered+0x47/0xe0\n register_framebuffer+0x294/0x4a0\n __drm_fb_helper_initial_config_and_unlock+0x43c/0x880 [drm_kms_helper]\n drm_fb_helper_initial_config+0x52/0x80 [drm_kms_helper]\n drm_fbdev_client_hotplug+0x156/0x1b0 [drm_kms_helper]\n drm_fbdev_generic_setup+0xfc/0x290 [drm_kms_helper]\n bochs_pci_probe+0x6ca/0x772 [bochs]\n local_pci_probe+0x4d/0xb0\n pci_device_probe+0x119/0x320\n really_probe+0x181/0x550\n __driver_probe_device+0xc6/0x220\n driver_probe_device+0x32/0x100\n __driver_attach+0x195/0x200\n bus_for_each_dev+0xbb/0x120\n driver_attach+0x27/0x30\n bus_add_driver+0x22e/0x2f0\n driver_register+0xa9/0x190\n __pci_register_driver+0x90/0xa0\n bochs_pci_driver_init+0x52/0x1000 [bochs]\n do_one_initcall+0x76/0x430\n do_init_module+0x61/0x28a\n load_module+0x1f82/0x2e50\n __do_sys_finit_module+0xf8/0x190\n __x64_sys_finit_module+0x23/0x30\n do_syscall_64+0x58/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50511",
"url": "https://www.suse.com/security/cve/CVE-2022-50511"
},
{
"category": "external",
"summary": "SUSE Bug 1251527 for CVE-2022-50511",
"url": "https://bugzilla.suse.com/1251527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50511"
},
{
"cve": "CVE-2022-50512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50512"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix potential memory leak in ext4_fc_record_regions()\n\nAs krealloc may return NULL, in this case \u0027state-\u003efc_regions\u0027 may not be\nfreed by krealloc, but \u0027state-\u003efc_regions\u0027 already set NULL. Then will\nlead to \u0027state-\u003efc_regions\u0027 memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50512",
"url": "https://www.suse.com/security/cve/CVE-2022-50512"
},
{
"category": "external",
"summary": "SUSE Bug 1251296 for CVE-2022-50512",
"url": "https://bugzilla.suse.com/1251296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50512"
},
{
"cve": "CVE-2022-50513",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50513"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()\n\nIn rtw_init_cmd_priv(), if `pcmdpriv-\u003ersp_allocated_buf` is allocated\nin failure, then `pcmdpriv-\u003ecmd_allocated_buf` will be not properly\nreleased. Besides, considering there are only two error paths and the\nfirst one can directly return, so we do not need implicitly jump to the\n`exit` tag to execute the error handler.\n\nSo this patch added `kfree(pcmdpriv-\u003ecmd_allocated_buf);` on the error\npath to release the resource and simplified the return logic of\nrtw_init_cmd_priv(). As there is no proper device to test with, no runtime\ntesting was performed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50513",
"url": "https://www.suse.com/security/cve/CVE-2022-50513"
},
{
"category": "external",
"summary": "SUSE Bug 1251730 for CVE-2022-50513",
"url": "https://bugzilla.suse.com/1251730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2022-50513"
},
{
"cve": "CVE-2022-50514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50514"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_hid: fix refcount leak on error path\n\nWhen failing to allocate report_desc, opts-\u003erefcnt has already been\nincremented so it needs to be decremented to avoid leaving the options\nstructure permanently locked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50514",
"url": "https://www.suse.com/security/cve/CVE-2022-50514"
},
{
"category": "external",
"summary": "SUSE Bug 1251737 for CVE-2022-50514",
"url": "https://bugzilla.suse.com/1251737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50514"
},
{
"cve": "CVE-2022-50515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue()\n\nIf construction of the array of work queues to handle hpd_rx_irq offload\nwork fails, we need to unwind. Destroy all the created workqueues and\nthe allocated memory for the hpd_rx_irq_offload_work_queue struct array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50515",
"url": "https://www.suse.com/security/cve/CVE-2022-50515"
},
{
"category": "external",
"summary": "SUSE Bug 1251315 for CVE-2022-50515",
"url": "https://bugzilla.suse.com/1251315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50515"
},
{
"cve": "CVE-2022-50516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: dlm: fix invalid derefence of sb_lvbptr\n\nI experience issues when putting a lkbsb on the stack and have sb_lvbptr\nfield to a dangled pointer while not using DLM_LKF_VALBLK. It will crash\nwith the following kernel message, the dangled pointer is here\n0xdeadbeef as example:\n\n[ 102.749317] BUG: unable to handle page fault for address: 00000000deadbeef\n[ 102.749320] #PF: supervisor read access in kernel mode\n[ 102.749323] #PF: error_code(0x0000) - not-present page\n[ 102.749325] PGD 0 P4D 0\n[ 102.749332] Oops: 0000 [#1] PREEMPT SMP PTI\n[ 102.749336] CPU: 0 PID: 1567 Comm: lock_torture_wr Tainted: G W 5.19.0-rc3+ #1565\n[ 102.749343] Hardware name: Red Hat KVM/RHEL-AV, BIOS 1.16.0-2.module+el8.7.0+15506+033991b0 04/01/2014\n[ 102.749344] RIP: 0010:memcpy_erms+0x6/0x10\n[ 102.749353] Code: cc cc cc cc eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 \u003cf3\u003e a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 fe\n[ 102.749355] RSP: 0018:ffff97a58145fd08 EFLAGS: 00010202\n[ 102.749358] RAX: ffff901778b77070 RBX: 0000000000000000 RCX: 0000000000000040\n[ 102.749360] RDX: 0000000000000040 RSI: 00000000deadbeef RDI: ffff901778b77070\n[ 102.749362] RBP: ffff97a58145fd10 R08: ffff901760b67a70 R09: 0000000000000001\n[ 102.749364] R10: ffff9017008e2cb8 R11: 0000000000000001 R12: ffff901760b67a70\n[ 102.749366] R13: ffff901760b78f00 R14: 0000000000000003 R15: 0000000000000001\n[ 102.749368] FS: 0000000000000000(0000) GS:ffff901876e00000(0000) knlGS:0000000000000000\n[ 102.749372] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 102.749374] CR2: 00000000deadbeef CR3: 000000017c49a004 CR4: 0000000000770ef0\n[ 102.749376] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 102.749378] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 102.749379] PKRU: 55555554\n[ 102.749381] Call Trace:\n[ 102.749382] \u003cTASK\u003e\n[ 102.749383] ? send_args+0xb2/0xd0\n[ 102.749389] send_common+0xb7/0xd0\n[ 102.749395] _unlock_lock+0x2c/0x90\n[ 102.749400] unlock_lock.isra.56+0x62/0xa0\n[ 102.749405] dlm_unlock+0x21e/0x330\n[ 102.749411] ? lock_torture_stats+0x80/0x80 [dlm_locktorture]\n[ 102.749416] torture_unlock+0x5a/0x90 [dlm_locktorture]\n[ 102.749419] ? preempt_count_sub+0xba/0x100\n[ 102.749427] lock_torture_writer+0xbd/0x150 [dlm_locktorture]\n[ 102.786186] kthread+0x10a/0x130\n[ 102.786581] ? kthread_complete_and_exit+0x20/0x20\n[ 102.787156] ret_from_fork+0x22/0x30\n[ 102.787588] \u003c/TASK\u003e\n[ 102.787855] Modules linked in: dlm_locktorture torture rpcsec_gss_krb5 intel_rapl_msr intel_rapl_common kvm_intel iTCO_wdt iTCO_vendor_support kvm vmw_vsock_virtio_transport qxl irqbypass vmw_vsock_virtio_transport_common drm_ttm_helper crc32_pclmul joydev crc32c_intel ttm vsock virtio_scsi virtio_balloon snd_pcm drm_kms_helper virtio_console snd_timer snd drm soundcore syscopyarea i2c_i801 sysfillrect sysimgblt i2c_smbus pcspkr fb_sys_fops lpc_ich serio_raw\n[ 102.792536] CR2: 00000000deadbeef\n[ 102.792930] ---[ end trace 0000000000000000 ]---\n\nThis patch fixes the issue by checking also on DLM_LKF_VALBLK on exflags\nis set when copying the lvbptr array instead of if it\u0027s just null which\nfixes for me the issue.\n\nI think this patch can fix other dlm users as well, depending how they\nhandle the init, freeing memory handling of sb_lvbptr and don\u0027t set\nDLM_LKF_VALBLK for some dlm_lock() calls. It might a there could be a\nhidden issue all the time. However with checking on DLM_LKF_VALBLK the\nuser always need to provide a sb_lvbptr non-null value. There might be\nmore intelligent handling between per ls lvblen, DLM_LKF_VALBLK and\nnon-null to report the user the way how DLM API is used is wrong but can\nbe added for later, this will only fix the current behaviour.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50516",
"url": "https://www.suse.com/security/cve/CVE-2022-50516"
},
{
"category": "external",
"summary": "SUSE Bug 1251741 for CVE-2022-50516",
"url": "https://bugzilla.suse.com/1251741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50516"
},
{
"cve": "CVE-2022-50519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50519"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure\n\nIf creation or finalization of a checkpoint fails due to anomalies in the\ncheckpoint metadata on disk, a kernel warning is generated.\n\nThis patch replaces the WARN_ONs by nilfs_error, so that a kernel, booted\nwith panic_on_warn, does not panic. A nilfs_error is appropriate here to\nhandle the abnormal filesystem condition.\n\nThis also replaces the detected error codes with an I/O error so that\nneither of the internal error codes is returned to callers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50519",
"url": "https://www.suse.com/security/cve/CVE-2022-50519"
},
{
"category": "external",
"summary": "SUSE Bug 1251295 for CVE-2022-50519",
"url": "https://bugzilla.suse.com/1251295"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50519"
},
{
"cve": "CVE-2022-50520",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50520"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()\n\nAs comment of pci_get_class() says, it returns a pci_device with its\nrefcount increased and decreased the refcount for the input parameter\n@from if it is not NULL.\n\nIf we break the loop in radeon_atrm_get_bios() with \u0027pdev\u0027 not NULL, we\nneed to call pci_dev_put() to decrease the refcount. Add the missing\npci_dev_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50520",
"url": "https://www.suse.com/security/cve/CVE-2022-50520"
},
{
"category": "external",
"summary": "SUSE Bug 1251310 for CVE-2022-50520",
"url": "https://bugzilla.suse.com/1251310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50520"
},
{
"cve": "CVE-2022-50521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50521"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()\n\nThe ACPI buffer memory (out.pointer) returned by wmi_evaluate_method()\nis not freed after the call, so it leads to memory leak.\n\nThe method results in ACPI buffer is not used, so just pass NULL to\nwmi_evaluate_method() which fixes the memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50521",
"url": "https://www.suse.com/security/cve/CVE-2022-50521"
},
{
"category": "external",
"summary": "SUSE Bug 1251312 for CVE-2022-50521",
"url": "https://bugzilla.suse.com/1251312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50521"
},
{
"cve": "CVE-2022-50523",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50523"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: rockchip: Fix memory leak in rockchip_clk_register_pll()\n\nIf clk_register() fails, @pll-\u003erate_table may have allocated memory by\nkmemdup(), so it needs to be freed, otherwise will cause memory leak\nissue, this patch fixes it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50523",
"url": "https://www.suse.com/security/cve/CVE-2022-50523"
},
{
"category": "external",
"summary": "SUSE Bug 1251306 for CVE-2022-50523",
"url": "https://bugzilla.suse.com/1251306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50523"
},
{
"cve": "CVE-2022-50524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Check return value after calling platform_get_resource()\n\nplatform_get_resource() may return NULL pointer, we need check its\nreturn value to avoid null-ptr-deref in resource_size().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50524",
"url": "https://www.suse.com/security/cve/CVE-2022-50524"
},
{
"category": "external",
"summary": "SUSE Bug 1251307 for CVE-2022-50524",
"url": "https://bugzilla.suse.com/1251307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50524"
},
{
"cve": "CVE-2022-50525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50525"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/fsl_pamu: Fix resource leak in fsl_pamu_probe()\n\nThe fsl_pamu_probe() returns directly when create_csd() failed, leaving\nirq and memories unreleased.\nFix by jumping to error if create_csd() returns error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50525",
"url": "https://www.suse.com/security/cve/CVE-2022-50525"
},
{
"category": "external",
"summary": "SUSE Bug 1251302 for CVE-2022-50525",
"url": "https://bugzilla.suse.com/1251302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50525"
},
{
"cve": "CVE-2022-50526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dp: fix memory corruption with too many bridges\n\nAdd the missing sanity check on the bridge counter to avoid corrupting\ndata beyond the fixed-sized bridge array in case there are ever more\nthan eight bridges.\n\nPatchwork: https://patchwork.freedesktop.org/patch/502664/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50526",
"url": "https://www.suse.com/security/cve/CVE-2022-50526"
},
{
"category": "external",
"summary": "SUSE Bug 1251301 for CVE-2022-50526",
"url": "https://bugzilla.suse.com/1251301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50526"
},
{
"cve": "CVE-2022-50527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix size validation for non-exclusive domains (v4)\n\nFix amdgpu_bo_validate_size() to check whether the TTM domain manager for the\nrequested memory exists, else we get a kernel oops when dereferencing \"man\".\n\nv2: Make the patch standalone, i.e. not dependent on local patches.\nv3: Preserve old behaviour and just check that the manager pointer is not\n NULL.\nv4: Complain if GTT domain requested and it is uninitialized--most likely a\n bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50527",
"url": "https://www.suse.com/security/cve/CVE-2022-50527"
},
{
"category": "external",
"summary": "SUSE Bug 1251738 for CVE-2022-50527",
"url": "https://bugzilla.suse.com/1251738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50527"
},
{
"cve": "CVE-2022-50528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50528"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix memory leakage\n\nThis patch fixes potential memory leakage and seg fault\nin _gpuvm_import_dmabuf() function",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50528",
"url": "https://www.suse.com/security/cve/CVE-2022-50528"
},
{
"category": "external",
"summary": "SUSE Bug 1251303 for CVE-2022-50528",
"url": "https://bugzilla.suse.com/1251303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50528"
},
{
"cve": "CVE-2022-50529",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50529"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntest_firmware: fix memory leak in test_firmware_init()\n\nWhen misc_register() failed in test_firmware_init(), the memory pointed\nby test_fw_config-\u003ename is not released. The memory leak information is\nas follows:\nunreferenced object 0xffff88810a34cb00 (size 32):\n comm \"insmod\", pid 7952, jiffies 4294948236 (age 49.060s)\n hex dump (first 32 bytes):\n 74 65 73 74 2d 66 69 72 6d 77 61 72 65 2e 62 69 test-firmware.bi\n 6e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 n...............\n backtrace:\n [\u003cffffffff81b21fcb\u003e] __kmalloc_node_track_caller+0x4b/0xc0\n [\u003cffffffff81affb96\u003e] kstrndup+0x46/0xc0\n [\u003cffffffffa0403a49\u003e] __test_firmware_config_init+0x29/0x380 [test_firmware]\n [\u003cffffffffa040f068\u003e] 0xffffffffa040f068\n [\u003cffffffff81002c41\u003e] do_one_initcall+0x141/0x780\n [\u003cffffffff816a72c3\u003e] do_init_module+0x1c3/0x630\n [\u003cffffffff816adb9e\u003e] load_module+0x623e/0x76a0\n [\u003cffffffff816af471\u003e] __do_sys_finit_module+0x181/0x240\n [\u003cffffffff89978f99\u003e] do_syscall_64+0x39/0xb0\n [\u003cffffffff89a0008b\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50529",
"url": "https://www.suse.com/security/cve/CVE-2022-50529"
},
{
"category": "external",
"summary": "SUSE Bug 1251298 for CVE-2022-50529",
"url": "https://bugzilla.suse.com/1251298"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50529"
},
{
"cve": "CVE-2022-50530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50530"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()\n\nOur syzkaller report a null pointer dereference, root cause is\nfollowing:\n\n__blk_mq_alloc_map_and_rqs\n set-\u003etags[hctx_idx] = blk_mq_alloc_map_and_rqs\n blk_mq_alloc_map_and_rqs\n blk_mq_alloc_rqs\n // failed due to oom\n alloc_pages_node\n // set-\u003etags[hctx_idx] is still NULL\n blk_mq_free_rqs\n drv_tags = set-\u003etags[hctx_idx];\n // null pointer dereference is triggered\n blk_mq_clear_rq_mapping(drv_tags, ...)\n\nThis is because commit 63064be150e4 (\"blk-mq:\nAdd blk_mq_alloc_map_and_rqs()\") merged the two steps:\n\n1) set-\u003etags[hctx_idx] = blk_mq_alloc_rq_map()\n2) blk_mq_alloc_rqs(..., set-\u003etags[hctx_idx])\n\ninto one step:\n\nset-\u003etags[hctx_idx] = blk_mq_alloc_map_and_rqs()\n\nSince tags is not initialized yet in this case, fix the problem by\nchecking if tags is NULL pointer in blk_mq_clear_rq_mapping().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50530",
"url": "https://www.suse.com/security/cve/CVE-2022-50530"
},
{
"category": "external",
"summary": "SUSE Bug 1251299 for CVE-2022-50530",
"url": "https://bugzilla.suse.com/1251299"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50530"
},
{
"cve": "CVE-2022-50532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50532"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()\n\nIn mpt3sas_transport_port_add(), if sas_rphy_add() returns error,\nsas_rphy_free() needs be called to free the resource allocated in\nsas_end_device_alloc(). Otherwise a kernel crash will happen:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000108\nCPU: 45 PID: 37020 Comm: bash Kdump: loaded Tainted: G W 6.1.0-rc1+ #189\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : device_del+0x54/0x3d0\nlr : device_del+0x37c/0x3d0\nCall trace:\n device_del+0x54/0x3d0\n attribute_container_class_device_del+0x28/0x38\n transport_remove_classdev+0x6c/0x80\n attribute_container_device_trigger+0x108/0x110\n transport_remove_device+0x28/0x38\n sas_rphy_remove+0x50/0x78 [scsi_transport_sas]\n sas_port_delete+0x30/0x148 [scsi_transport_sas]\n do_sas_phy_delete+0x78/0x80 [scsi_transport_sas]\n device_for_each_child+0x68/0xb0\n sas_remove_children+0x30/0x50 [scsi_transport_sas]\n sas_rphy_remove+0x38/0x78 [scsi_transport_sas]\n sas_port_delete+0x30/0x148 [scsi_transport_sas]\n do_sas_phy_delete+0x78/0x80 [scsi_transport_sas]\n device_for_each_child+0x68/0xb0\n sas_remove_children+0x30/0x50 [scsi_transport_sas]\n sas_remove_host+0x20/0x38 [scsi_transport_sas]\n scsih_remove+0xd8/0x420 [mpt3sas]\n\nBecause transport_add_device() is not called when sas_rphy_add() fails, the\ndevice is not added. When sas_rphy_remove() is subsequently called to\nremove the device in the remove() path, a NULL pointer dereference happens.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50532",
"url": "https://www.suse.com/security/cve/CVE-2022-50532"
},
{
"category": "external",
"summary": "SUSE Bug 1251300 for CVE-2022-50532",
"url": "https://bugzilla.suse.com/1251300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50532"
},
{
"cve": "CVE-2022-50534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm thin: Use last transaction\u0027s pmd-\u003eroot when commit failed\n\nRecently we found a softlock up problem in dm thin pool btree lookup\ncode due to corrupted metadata:\n\n Kernel panic - not syncing: softlockup: hung tasks\n CPU: 7 PID: 2669225 Comm: kworker/u16:3\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n Workqueue: dm-thin do_worker [dm_thin_pool]\n Call Trace:\n \u003cIRQ\u003e\n dump_stack+0x9c/0xd3\n panic+0x35d/0x6b9\n watchdog_timer_fn.cold+0x16/0x25\n __run_hrtimer+0xa2/0x2d0\n \u003c/IRQ\u003e\n RIP: 0010:__relink_lru+0x102/0x220 [dm_bufio]\n __bufio_new+0x11f/0x4f0 [dm_bufio]\n new_read+0xa3/0x1e0 [dm_bufio]\n dm_bm_read_lock+0x33/0xd0 [dm_persistent_data]\n ro_step+0x63/0x100 [dm_persistent_data]\n btree_lookup_raw.constprop.0+0x44/0x220 [dm_persistent_data]\n dm_btree_lookup+0x16f/0x210 [dm_persistent_data]\n dm_thin_find_block+0x12c/0x210 [dm_thin_pool]\n __process_bio_read_only+0xc5/0x400 [dm_thin_pool]\n process_thin_deferred_bios+0x1a4/0x4a0 [dm_thin_pool]\n process_one_work+0x3c5/0x730\n\nFollowing process may generate a broken btree mixed with fresh and\nstale btree nodes, which could get dm thin trapped in an infinite loop\nwhile looking up data block:\n Transaction 1: pmd-\u003eroot = A, A-\u003eB-\u003eC // One path in btree\n pmd-\u003eroot = X, X-\u003eY-\u003eZ // Copy-up\n Transaction 2: X,Z is updated on disk, Y write failed.\n // Commit failed, dm thin becomes read-only.\n process_bio_read_only\n\t\t dm_thin_find_block\n\t\t __find_block\n\t\t dm_btree_lookup(pmd-\u003eroot)\nThe pmd-\u003eroot points to a broken btree, Y may contain stale node\npointing to any block, for example X, which gets dm thin trapped into\na dead loop while looking up Z.\n\nFix this by setting pmd-\u003eroot in __open_metadata(), so that dm thin\nwill use the last transaction\u0027s pmd-\u003eroot if commit failed.\n\nFetch a reproducer in [Link].\n\nLinke: https://bugzilla.kernel.org/show_bug.cgi?id=216790",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50534",
"url": "https://www.suse.com/security/cve/CVE-2022-50534"
},
{
"category": "external",
"summary": "SUSE Bug 1251292 for CVE-2022-50534",
"url": "https://bugzilla.suse.com/1251292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50534"
},
{
"cve": "CVE-2022-50535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential null-deref in dm_resume\n\n[Why]\nFixing smatch error:\ndm_resume() error: we previously assumed \u0027aconnector-\u003edc_link\u0027 could be null\n\n[How]\nCheck if dc_link null at the beginning of the loop,\nso further checks can be dropped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50535",
"url": "https://www.suse.com/security/cve/CVE-2022-50535"
},
{
"category": "external",
"summary": "SUSE Bug 1251331 for CVE-2022-50535",
"url": "https://bugzilla.suse.com/1251331"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50535"
},
{
"cve": "CVE-2022-50537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()\n\nIn rpi_firmware_probe(), if mbox_request_channel() fails, the \u0027fw\u0027 will\nnot be freed through rpi_firmware_delete(), fix this leak by calling\nkfree() in the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50537",
"url": "https://www.suse.com/security/cve/CVE-2022-50537"
},
{
"category": "external",
"summary": "SUSE Bug 1251294 for CVE-2022-50537",
"url": "https://bugzilla.suse.com/1251294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50537"
},
{
"cve": "CVE-2022-50541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow\n\nUDMA_CHAN_RT_*BCNT_REG stores the real-time channel bytecount statistics.\nThese registers are 32-bit hardware counters and the driver uses these\ncounters to monitor the operational progress status for a channel, when\ntransferring more than 4GB of data it was observed that these counters\noverflow and completion calculation of a operation gets affected and the\ntransfer hangs indefinitely.\n\nThis commit adds changes to decrease the byte count for every complete\ntransaction so that these registers never overflow and the proper byte\ncount statistics is maintained for ongoing transaction by the RT counters.\n\nEarlier uc-\u003ebcnt used to maintain a count of the completed bytes at driver\nside, since the RT counters maintain the statistics of current transaction\nnow, the maintenance of uc-\u003ebcnt is not necessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50541",
"url": "https://www.suse.com/security/cve/CVE-2022-50541"
},
{
"category": "external",
"summary": "SUSE Bug 1251519 for CVE-2022-50541",
"url": "https://bugzilla.suse.com/1251519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2022-50541"
},
{
"cve": "CVE-2022-50542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50542"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: si470x: Fix use-after-free in si470x_int_in_callback()\n\nsyzbot reported use-after-free in si470x_int_in_callback() [1]. This\nindicates that urb-\u003econtext, which contains struct si470x_device\nobject, is freed when si470x_int_in_callback() is called.\n\nThe cause of this issue is that si470x_int_in_callback() is called for\nfreed urb.\n\nsi470x_usb_driver_probe() calls si470x_start_usb(), which then calls\nusb_submit_urb() and si470x_start(). If si470x_start_usb() fails,\nsi470x_usb_driver_probe() doesn\u0027t kill urb, but it just frees struct\nsi470x_device object, as depicted below:\n\nsi470x_usb_driver_probe()\n ...\n si470x_start_usb()\n ...\n usb_submit_urb()\n retval = si470x_start()\n return retval\n if (retval \u003c 0)\n free struct si470x_device object, but don\u0027t kill urb\n\nThis patch fixes this issue by killing urb when si470x_start_usb()\nfails and urb is submitted. If si470x_start_usb() fails and urb is\nnot submitted, i.e. submitting usb fails, it just frees struct\nsi470x_device object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50542",
"url": "https://www.suse.com/security/cve/CVE-2022-50542"
},
{
"category": "external",
"summary": "SUSE Bug 1251330 for CVE-2022-50542",
"url": "https://bugzilla.suse.com/1251330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50542"
},
{
"cve": "CVE-2022-50543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix mr-\u003emap double free\n\nrxe_mr_cleanup() which tries to free mr-\u003emap again will be called when\nrxe_mr_init_user() fails:\n\n CPU: 0 PID: 4917 Comm: rdma_flush_serv Kdump: loaded Not tainted 6.1.0-rc1-roce-flush+ #25\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x45/0x5d\n panic+0x19e/0x349\n end_report.part.0+0x54/0x7c\n kasan_report.cold+0xa/0xf\n rxe_mr_cleanup+0x9d/0xf0 [rdma_rxe]\n __rxe_cleanup+0x10a/0x1e0 [rdma_rxe]\n rxe_reg_user_mr+0xb7/0xd0 [rdma_rxe]\n ib_uverbs_reg_mr+0x26a/0x480 [ib_uverbs]\n ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x1a2/0x250 [ib_uverbs]\n ib_uverbs_cmd_verbs+0x1397/0x15a0 [ib_uverbs]\n\nThis issue was firstly exposed since commit b18c7da63fcb (\"RDMA/rxe: Fix\nmemory leak in error path code\") and then we fixed it in commit\n8ff5f5d9d8cf (\"RDMA/rxe: Prevent double freeing rxe_map_set()\") but this\nfix was reverted together at last by commit 1e75550648da (Revert\n\"RDMA/rxe: Create duplicate mapping tables for FMRs\")\n\nSimply let rxe_mr_cleanup() always handle freeing the mr-\u003emap once it is\nsuccessfully allocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50543",
"url": "https://www.suse.com/security/cve/CVE-2022-50543"
},
{
"category": "external",
"summary": "SUSE Bug 1251284 for CVE-2022-50543",
"url": "https://bugzilla.suse.com/1251284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50543"
},
{
"cve": "CVE-2022-50544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()\n\nxhci_alloc_stream_info() allocates stream context array for stream_info\n-\u003estream_ctx_array with xhci_alloc_stream_ctx(). When some error occurs,\nstream_info-\u003estream_ctx_array is not released, which will lead to a\nmemory leak.\n\nWe can fix it by releasing the stream_info-\u003estream_ctx_array with\nxhci_free_stream_ctx() on the error path to avoid the potential memory\nleak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50544",
"url": "https://www.suse.com/security/cve/CVE-2022-50544"
},
{
"category": "external",
"summary": "SUSE Bug 1251725 for CVE-2022-50544",
"url": "https://bugzilla.suse.com/1251725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50544"
},
{
"cve": "CVE-2022-50545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nr6040: Fix kmemleak in probe and remove\n\nThere is a memory leaks reported by kmemleak:\n\n unreferenced object 0xffff888116111000 (size 2048):\n comm \"modprobe\", pid 817, jiffies 4294759745 (age 76.502s)\n hex dump (first 32 bytes):\n 00 c4 0a 04 81 88 ff ff 08 10 11 16 81 88 ff ff ................\n 08 10 11 16 81 88 ff ff 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003cffffffff815bcd82\u003e] kmalloc_trace+0x22/0x60\n [\u003cffffffff827e20ee\u003e] phy_device_create+0x4e/0x90\n [\u003cffffffff827e6072\u003e] get_phy_device+0xd2/0x220\n [\u003cffffffff827e7844\u003e] mdiobus_scan+0xa4/0x2e0\n [\u003cffffffff827e8be2\u003e] __mdiobus_register+0x482/0x8b0\n [\u003cffffffffa01f5d24\u003e] r6040_init_one+0x714/0xd2c [r6040]\n ...\n\nThe problem occurs in probe process as follows:\n r6040_init_one:\n mdiobus_register\n mdiobus_scan \u003c- alloc and register phy_device,\n the reference count of phy_device is 3\n r6040_mii_probe\n phy_connect \u003c- connect to the first phy_device,\n so the reference count of the first\n phy_device is 4, others are 3\n register_netdev \u003c- fault inject succeeded, goto error handling path\n\n // error handling path\n err_out_mdio_unregister:\n mdiobus_unregister(lp-\u003emii_bus);\n err_out_mdio:\n mdiobus_free(lp-\u003emii_bus); \u003c- the reference count of the first\n phy_device is 1, it is not released\n and other phy_devices are released\n // similarly, the remove process also has the same problem\n\nThe root cause is traced to the phy_device is not disconnected when\nremoves one r6040 device in r6040_remove_one() or on error handling path\nafter r6040_mii probed successfully. In r6040_mii_probe(), a net ethernet\ndevice is connected to the first PHY device of mii_bus, in order to\nnotify the connected driver when the link status changes, which is the\ndefault behavior of the PHY infrastructure to handle everything.\nTherefore the phy_device should be disconnected when removes one r6040\ndevice or on error handling path.\n\nFix it by adding phy_disconnect() when removes one r6040 device or on\nerror handling path after r6040_mii probed successfully.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50545",
"url": "https://www.suse.com/security/cve/CVE-2022-50545"
},
{
"category": "external",
"summary": "SUSE Bug 1251285 for CVE-2022-50545",
"url": "https://bugzilla.suse.com/1251285"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50545"
},
{
"cve": "CVE-2022-50546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix uninititialized value in \u0027ext4_evict_inode\u0027\n\nSyzbot found the following issue:\n=====================================================\nBUG: KMSAN: uninit-value in ext4_evict_inode+0xdd/0x26b0 fs/ext4/inode.c:180\n ext4_evict_inode+0xdd/0x26b0 fs/ext4/inode.c:180\n evict+0x365/0x9a0 fs/inode.c:664\n iput_final fs/inode.c:1747 [inline]\n iput+0x985/0xdd0 fs/inode.c:1773\n __ext4_new_inode+0xe54/0x7ec0 fs/ext4/ialloc.c:1361\n ext4_mknod+0x376/0x840 fs/ext4/namei.c:2844\n vfs_mknod+0x79d/0x830 fs/namei.c:3914\n do_mknodat+0x47d/0xaa0\n __do_sys_mknodat fs/namei.c:3992 [inline]\n __se_sys_mknodat fs/namei.c:3989 [inline]\n __ia32_sys_mknodat+0xeb/0x150 fs/namei.c:3989\n do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]\n __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178\n do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203\n do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246\n entry_SYSENTER_compat_after_hwframe+0x70/0x82\n\nUninit was created at:\n __alloc_pages+0x9f1/0xe80 mm/page_alloc.c:5578\n alloc_pages+0xaae/0xd80 mm/mempolicy.c:2285\n alloc_slab_page mm/slub.c:1794 [inline]\n allocate_slab+0x1b5/0x1010 mm/slub.c:1939\n new_slab mm/slub.c:1992 [inline]\n ___slab_alloc+0x10c3/0x2d60 mm/slub.c:3180\n __slab_alloc mm/slub.c:3279 [inline]\n slab_alloc_node mm/slub.c:3364 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc_lru+0x6f3/0xb30 mm/slub.c:3429\n alloc_inode_sb include/linux/fs.h:3117 [inline]\n ext4_alloc_inode+0x5f/0x860 fs/ext4/super.c:1321\n alloc_inode+0x83/0x440 fs/inode.c:259\n new_inode_pseudo fs/inode.c:1018 [inline]\n new_inode+0x3b/0x430 fs/inode.c:1046\n __ext4_new_inode+0x2a7/0x7ec0 fs/ext4/ialloc.c:959\n ext4_mkdir+0x4d5/0x1560 fs/ext4/namei.c:2992\n vfs_mkdir+0x62a/0x870 fs/namei.c:4035\n do_mkdirat+0x466/0x7b0 fs/namei.c:4060\n __do_sys_mkdirat fs/namei.c:4075 [inline]\n __se_sys_mkdirat fs/namei.c:4073 [inline]\n __ia32_sys_mkdirat+0xc4/0x120 fs/namei.c:4073\n do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]\n __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178\n do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203\n do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246\n entry_SYSENTER_compat_after_hwframe+0x70/0x82\n\nCPU: 1 PID: 4625 Comm: syz-executor.2 Not tainted 6.1.0-rc4-syzkaller-62821-gcb231e2f67ec #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\n=====================================================\n\nNow, \u0027ext4_alloc_inode()\u0027 didn\u0027t init \u0027ei-\u003ei_flags\u0027. If new inode failed\nbefore set \u0027ei-\u003ei_flags\u0027 in \u0027__ext4_new_inode()\u0027, then do \u0027iput()\u0027. As after\n6bc0d63dad7f commit will access \u0027ei-\u003ei_flags\u0027 in \u0027ext4_evict_inode()\u0027 which\nwill lead to access uninit-value.\nTo solve above issue just init \u0027ei-\u003ei_flags\u0027 in \u0027ext4_alloc_inode()\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50546",
"url": "https://www.suse.com/security/cve/CVE-2022-50546"
},
{
"category": "external",
"summary": "SUSE Bug 1251723 for CVE-2022-50546",
"url": "https://bugzilla.suse.com/1251723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50546"
},
{
"cve": "CVE-2022-50549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata\n\nFollowing concurrent processes:\n\n P1(drop cache) P2(kworker)\ndrop_caches_sysctl_handler\n drop_slab\n shrink_slab\n down_read(\u0026shrinker_rwsem) - LOCK A\n do_shrink_slab\n super_cache_scan\n prune_icache_sb\n dispose_list\n evict\n ext4_evict_inode\n\t ext4_clear_inode\n\t ext4_discard_preallocations\n\t ext4_mb_load_buddy_gfp\n\t ext4_mb_init_cache\n\t ext4_read_block_bitmap_nowait\n\t ext4_read_bh_nowait\n\t submit_bh\n\t dm_submit_bio\n\t\t do_worker\n\t\t\t\t process_deferred_bios\n\t\t\t\t commit\n\t\t\t\t metadata_operation_failed\n\t\t\t\t dm_pool_abort_metadata\n\t\t\t\t down_write(\u0026pmd-\u003eroot_lock) - LOCK B\n\t\t __destroy_persistent_data_objects\n\t\t\t\t dm_block_manager_destroy\n\t\t\t\t dm_bufio_client_destroy\n\t\t\t\t unregister_shrinker\n\t\t\t\t\t down_write(\u0026shrinker_rwsem)\n\t\t thin_map |\n\t\t dm_thin_find_block v\n\t\t down_read(\u0026pmd-\u003eroot_lock) --\u003e ABBA deadlock\n\n, which triggers hung task:\n\n[ 76.974820] INFO: task kworker/u4:3:63 blocked for more than 15 seconds.\n[ 76.976019] Not tainted 6.1.0-rc4-00011-g8f17dd350364-dirty #910\n[ 76.978521] task:kworker/u4:3 state:D stack:0 pid:63 ppid:2\n[ 76.978534] Workqueue: dm-thin do_worker\n[ 76.978552] Call Trace:\n[ 76.978564] __schedule+0x6ba/0x10f0\n[ 76.978582] schedule+0x9d/0x1e0\n[ 76.978588] rwsem_down_write_slowpath+0x587/0xdf0\n[ 76.978600] down_write+0xec/0x110\n[ 76.978607] unregister_shrinker+0x2c/0xf0\n[ 76.978616] dm_bufio_client_destroy+0x116/0x3d0\n[ 76.978625] dm_block_manager_destroy+0x19/0x40\n[ 76.978629] __destroy_persistent_data_objects+0x5e/0x70\n[ 76.978636] dm_pool_abort_metadata+0x8e/0x100\n[ 76.978643] metadata_operation_failed+0x86/0x110\n[ 76.978649] commit+0x6a/0x230\n[ 76.978655] do_worker+0xc6e/0xd90\n[ 76.978702] process_one_work+0x269/0x630\n[ 76.978714] worker_thread+0x266/0x630\n[ 76.978730] kthread+0x151/0x1b0\n[ 76.978772] INFO: task test.sh:2646 blocked for more than 15 seconds.\n[ 76.979756] Not tainted 6.1.0-rc4-00011-g8f17dd350364-dirty #910\n[ 76.982111] task:test.sh state:D stack:0 pid:2646 ppid:2459\n[ 76.982128] Call Trace:\n[ 76.982139] __schedule+0x6ba/0x10f0\n[ 76.982155] schedule+0x9d/0x1e0\n[ 76.982159] rwsem_down_read_slowpath+0x4f4/0x910\n[ 76.982173] down_read+0x84/0x170\n[ 76.982177] dm_thin_find_block+0x4c/0xd0\n[ 76.982183] thin_map+0x201/0x3d0\n[ 76.982188] __map_bio+0x5b/0x350\n[ 76.982195] dm_submit_bio+0x2b6/0x930\n[ 76.982202] __submit_bio+0x123/0x2d0\n[ 76.982209] submit_bio_noacct_nocheck+0x101/0x3e0\n[ 76.982222] submit_bio_noacct+0x389/0x770\n[ 76.982227] submit_bio+0x50/0xc0\n[ 76.982232] submit_bh_wbc+0x15e/0x230\n[ 76.982238] submit_bh+0x14/0x20\n[ 76.982241] ext4_read_bh_nowait+0xc5/0x130\n[ 76.982247] ext4_read_block_bitmap_nowait+0x340/0xc60\n[ 76.982254] ext4_mb_init_cache+0x1ce/0xdc0\n[ 76.982259] ext4_mb_load_buddy_gfp+0x987/0xfa0\n[ 76.982263] ext4_discard_preallocations+0x45d/0x830\n[ 76.982274] ext4_clear_inode+0x48/0xf0\n[ 76.982280] ext4_evict_inode+0xcf/0xc70\n[ 76.982285] evict+0x119/0x2b0\n[ 76.982290] dispose_list+0x43/0xa0\n[ 76.982294] prune_icache_sb+0x64/0x90\n[ 76.982298] super_cache_scan+0x155/0x210\n[ 76.982303] do_shrink_slab+0x19e/0x4e0\n[ 76.982310] shrink_slab+0x2bd/0x450\n[ 76.982317] drop_slab+0xcc/0x1a0\n[ 76.982323] drop_caches_sysctl_handler+0xb7/0xe0\n[ 76.982327] proc_sys_call_handler+0x1bc/0x300\n[ 76.982331] proc_sys_write+0x17/0x20\n[ 76.982334] vfs_write+0x3d3/0x570\n[ 76.982342] ksys_write+0x73/0x160\n[ 76.982347] __x64_sys_write+0x1e/0x30\n[ 76.982352] do_syscall_64+0x35/0x80\n[ 76.982357] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nFunct\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50549",
"url": "https://www.suse.com/security/cve/CVE-2022-50549"
},
{
"category": "external",
"summary": "SUSE Bug 1251550 for CVE-2022-50549",
"url": "https://bugzilla.suse.com/1251550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50549"
},
{
"cve": "CVE-2022-50551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50551"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request()\n\nThis patch fixes a shift-out-of-bounds in brcmfmac that occurs in\nBIT(chiprev) when a \u0027chiprev\u0027 provided by the device is too large.\nIt should also not be equal to or greater than BITS_PER_TYPE(u32)\nas we do bitwise AND with a u32 variable and BIT(chiprev). The patch\nadds a check that makes the function return NULL if that is the case.\nNote that the NULL case is later handled by the bus-specific caller,\nbrcmf_usb_probe_cb() or brcmf_usb_reset_resume(), for example.\n\nFound by a modified version of syzkaller.\n\nUBSAN: shift-out-of-bounds in drivers/net/wireless/broadcom/brcm80211/brcmfmac/firmware.c\nshift exponent 151055786 is too large for 64-bit type \u0027long unsigned int\u0027\nCPU: 0 PID: 1885 Comm: kworker/0:2 Tainted: G O 5.14.0+ #132\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n dump_stack_lvl+0x57/0x7d\n ubsan_epilogue+0x5/0x40\n __ubsan_handle_shift_out_of_bounds.cold+0x53/0xdb\n ? lock_chain_count+0x20/0x20\n brcmf_fw_alloc_request.cold+0x19/0x3ea\n ? brcmf_fw_get_firmwares+0x250/0x250\n ? brcmf_usb_ioctl_resp_wait+0x1a7/0x1f0\n brcmf_usb_get_fwname+0x114/0x1a0\n ? brcmf_usb_reset_resume+0x120/0x120\n ? number+0x6c4/0x9a0\n brcmf_c_process_clm_blob+0x168/0x590\n ? put_dec+0x90/0x90\n ? enable_ptr_key_workfn+0x20/0x20\n ? brcmf_common_pd_remove+0x50/0x50\n ? rcu_read_lock_sched_held+0xa1/0xd0\n brcmf_c_preinit_dcmds+0x673/0xc40\n ? brcmf_c_set_joinpref_default+0x100/0x100\n ? rcu_read_lock_sched_held+0xa1/0xd0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n ? lock_acquire+0x19d/0x4e0\n ? find_held_lock+0x2d/0x110\n ? brcmf_usb_deq+0x1cc/0x260\n ? mark_held_locks+0x9f/0xe0\n ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n ? _raw_spin_unlock_irqrestore+0x47/0x50\n ? trace_hardirqs_on+0x1c/0x120\n ? brcmf_usb_deq+0x1a7/0x260\n ? brcmf_usb_rx_fill_all+0x5a/0xf0\n brcmf_attach+0x246/0xd40\n ? wiphy_new_nm+0x1476/0x1d50\n ? kmemdup+0x30/0x40\n brcmf_usb_probe+0x12de/0x1690\n ? brcmf_usbdev_qinit.constprop.0+0x470/0x470\n usb_probe_interface+0x25f/0x710\n really_probe+0x1be/0xa90\n __driver_probe_device+0x2ab/0x460\n ? usb_match_id.part.0+0x88/0xc0\n driver_probe_device+0x49/0x120\n __device_attach_driver+0x18a/0x250\n ? driver_allows_async_probing+0x120/0x120\n bus_for_each_drv+0x123/0x1a0\n ? bus_rescan_devices+0x20/0x20\n ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n ? trace_hardirqs_on+0x1c/0x120\n __device_attach+0x207/0x330\n ? device_bind_driver+0xb0/0xb0\n ? kobject_uevent_env+0x230/0x12c0\n bus_probe_device+0x1a2/0x260\n device_add+0xa61/0x1ce0\n ? __mutex_unlock_slowpath+0xe7/0x660\n ? __fw_devlink_link_to_suppliers+0x550/0x550\n usb_set_configuration+0x984/0x1770\n ? kernfs_create_link+0x175/0x230\n usb_generic_driver_probe+0x69/0x90\n usb_probe_device+0x9c/0x220\n really_probe+0x1be/0xa90\n __driver_probe_device+0x2ab/0x460\n driver_probe_device+0x49/0x120\n __device_attach_driver+0x18a/0x250\n ? driver_allows_async_probing+0x120/0x120\n bus_for_each_drv+0x123/0x1a0\n ? bus_rescan_devices+0x20/0x20\n ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n ? trace_hardirqs_on+0x1c/0x120\n __device_attach+0x207/0x330\n ? device_bind_driver+0xb0/0xb0\n ? kobject_uevent_env+0x230/0x12c0\n bus_probe_device+0x1a2/0x260\n device_add+0xa61/0x1ce0\n ? __fw_devlink_link_to_suppliers+0x550/0x550\n usb_new_device.cold+0x463/0xf66\n ? hub_disconnect+0x400/0x400\n ? _raw_spin_unlock_irq+0x24/0x30\n hub_event+0x10d5/0x3330\n ? hub_port_debounce+0x280/0x280\n ? __lock_acquire+0x1671/0x5790\n ? wq_calc_node_cpumask+0x170/0x2a0\n ? lock_release+0x640/0x640\n ? rcu_read_lock_sched_held+0xa1/0xd0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n process_one_work+0x873/0x13e0\n ? lock_release+0x640/0x640\n ? pwq_dec_nr_in_flight+0x320/0x320\n ? rwlock_bug.part.0+0x90/0x90\n worker_thread+0x8b/0xd10\n ? __kthread_parkme+0xd9/0x1d0\n ? pr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50551",
"url": "https://www.suse.com/security/cve/CVE-2022-50551"
},
{
"category": "external",
"summary": "SUSE Bug 1251322 for CVE-2022-50551",
"url": "https://bugzilla.suse.com/1251322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50551"
},
{
"cve": "CVE-2022-50553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/hist: Fix out-of-bound write on \u0027action_data.var_ref_idx\u0027\n\nWhen generate a synthetic event with many params and then create a trace\naction for it [1], kernel panic happened [2].\n\nIt is because that in trace_action_create() \u0027data-\u003en_params\u0027 is up to\nSYNTH_FIELDS_MAX (current value is 64), and array \u0027data-\u003evar_ref_idx\u0027\nkeeps indices into array \u0027hist_data-\u003evar_refs\u0027 for each synthetic event\nparam, but the length of \u0027data-\u003evar_ref_idx\u0027 is TRACING_MAP_VARS_MAX\n(current value is 16), so out-of-bound write happened when \u0027data-\u003en_params\u0027\nmore than 16. In this case, \u0027data-\u003ematch_data.event\u0027 is overwritten and\neventually cause the panic.\n\nTo solve the issue, adjust the length of \u0027data-\u003evar_ref_idx\u0027 to be\nSYNTH_FIELDS_MAX and add sanity checks to avoid out-of-bound write.\n\n[1]\n # cd /sys/kernel/tracing/\n # echo \"my_synth_event int v1; int v2; int v3; int v4; int v5; int v6;\\\nint v7; int v8; int v9; int v10; int v11; int v12; int v13; int v14;\\\nint v15; int v16; int v17; int v18; int v19; int v20; int v21; int v22;\\\nint v23; int v24; int v25; int v26; int v27; int v28; int v29; int v30;\\\nint v31; int v32; int v33; int v34; int v35; int v36; int v37; int v38;\\\nint v39; int v40; int v41; int v42; int v43; int v44; int v45; int v46;\\\nint v47; int v48; int v49; int v50; int v51; int v52; int v53; int v54;\\\nint v55; int v56; int v57; int v58; int v59; int v60; int v61; int v62;\\\nint v63\" \u003e\u003e synthetic_events\n # echo \u0027hist:keys=pid:ts0=common_timestamp.usecs if comm==\"bash\"\u0027 \u003e\u003e \\\nevents/sched/sched_waking/trigger\n # echo \"hist:keys=next_pid:onmatch(sched.sched_waking).my_synth_event(\\\npid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,\\\npid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,\\\npid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,pid,\\\npid,pid,pid,pid,pid,pid,pid,pid,pid)\" \u003e\u003e events/sched/sched_switch/trigger\n\n[2]\nBUG: unable to handle page fault for address: ffff91c900000000\nPGD 61001067 P4D 61001067 PUD 0\nOops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 2 PID: 322 Comm: bash Tainted: G W 6.1.0-rc8+ #229\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nrel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\nRIP: 0010:strcmp+0xc/0x30\nCode: 75 f7 31 d2 44 0f b6 04 16 44 88 04 11 48 83 c2 01 45 84 c0 75 ee\nc3 cc cc cc cc 0f 1f 00 31 c0 eb 08 48 83 c0 01 84 d2 74 13 \u003c0f\u003e b6 14\n07 3a 14 06 74 ef 19 c0 83 c8 01 c3 cc cc cc cc 31 c3\nRSP: 0018:ffff9b3b00f53c48 EFLAGS: 00000246\nRAX: 0000000000000000 RBX: ffffffffba958a68 RCX: 0000000000000000\nRDX: 0000000000000010 RSI: ffff91c943d33a90 RDI: ffff91c900000000\nRBP: ffff91c900000000 R08: 00000018d604b529 R09: 0000000000000000\nR10: ffff91c9483eddb1 R11: ffff91ca483eddab R12: ffff91c946171580\nR13: ffff91c9479f0538 R14: ffff91c9457c2848 R15: ffff91c9479f0538\nFS: 00007f1d1cfbe740(0000) GS:ffff91c9bdc80000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffff91c900000000 CR3: 0000000006316000 CR4: 00000000000006e0\nCall Trace:\n \u003cTASK\u003e\n __find_event_file+0x55/0x90\n action_create+0x76c/0x1060\n event_hist_trigger_parse+0x146d/0x2060\n ? event_trigger_write+0x31/0xd0\n trigger_process_regex+0xbb/0x110\n event_trigger_write+0x6b/0xd0\n vfs_write+0xc8/0x3e0\n ? alloc_fd+0xc0/0x160\n ? preempt_count_add+0x4d/0xa0\n ? preempt_count_add+0x70/0xa0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3b/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f1d1d0cf077\nCode: 64 89 02 48 c7 c0 ff ff ff ff eb bb 0f 1f 80 00 00 00 00 f3 0f 1e\nfa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00\nf0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74\nRSP: 002b:00007ffcebb0e568 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 0000000000000143 RCX: 00007f1d1d0cf077\nRDX: 0000000000000143 RSI: 00005639265aa7e0 RDI: 0000000000000001\nRBP: 00005639265aa7e0 R08: 000000000000000a R09: 0000000000000142\nR\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50553",
"url": "https://www.suse.com/security/cve/CVE-2022-50553"
},
{
"category": "external",
"summary": "SUSE Bug 1251281 for CVE-2022-50553",
"url": "https://bugzilla.suse.com/1251281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50553"
},
{
"cve": "CVE-2022-50556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Fix potential null-ptr-deref due to drmm_mode_config_init()\n\ndrmm_mode_config_init() will call drm_mode_create_standard_properties()\nand won\u0027t check the ret value. When drm_mode_create_standard_properties()\nfailed due to alloc, property will be a NULL pointer and may causes the\nnull-ptr-deref. Fix the null-ptr-deref by adding the ret value check.\n\nFound null-ptr-deref while testing insert module bochs:\ngeneral protection fault, probably for non-canonical address\n 0xdffffc000000000c: 0000 [#1] SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000060-0x0000000000000067]\nCPU: 3 PID: 249 Comm: modprobe Not tainted 6.1.0-rc1+ #364\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nrel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\nRIP: 0010:drm_object_attach_property+0x73/0x3c0 [drm]\nCall Trace:\n \u003cTASK\u003e\n __drm_connector_init+0xb6c/0x1100 [drm]\n bochs_pci_probe.cold.11+0x4cb/0x7fe [bochs]\n pci_device_probe+0x17d/0x340\n really_probe+0x1db/0x5d0\n __driver_probe_device+0x1e7/0x250\n driver_probe_device+0x4a/0x120\n __driver_attach+0xcd/0x2c0\n bus_for_each_dev+0x11a/0x1b0\n bus_add_driver+0x3d7/0x500\n driver_register+0x18e/0x320\n do_one_initcall+0xc4/0x3e0\n do_init_module+0x1b4/0x630\n load_module+0x5dca/0x7230\n __do_sys_finit_module+0x100/0x170\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7ff65af9f839",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50556",
"url": "https://www.suse.com/security/cve/CVE-2022-50556"
},
{
"category": "external",
"summary": "SUSE Bug 1252529 for CVE-2022-50556",
"url": "https://bugzilla.suse.com/1252529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50556"
},
{
"cve": "CVE-2022-50559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: scu: fix memleak on platform_device_add() fails\n\nNo error handling is performed when platform_device_add()\nfails. Add error processing before return, and modified\nthe return value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50559",
"url": "https://www.suse.com/security/cve/CVE-2022-50559"
},
{
"category": "external",
"summary": "SUSE Bug 1252535 for CVE-2022-50559",
"url": "https://bugzilla.suse.com/1252535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50559"
},
{
"cve": "CVE-2022-50560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/meson: explicitly remove aggregate driver at module unload time\n\nBecause component_master_del wasn\u0027t being called when unloading the\nmeson_drm module, the aggregate device would linger forever in the global\naggregate_devices list. That means when unloading and reloading the\nmeson_dw_hdmi module, component_add would call into\ntry_to_bring_up_aggregate_device and find the unbound meson_drm aggregate\ndevice.\n\nThis would in turn dereference some of the aggregate_device\u0027s struct\nentries which point to memory automatically freed by the devres API when\nunbinding the aggregate device from meson_drv_unbind, and trigger an\nuse-after-free bug:\n\n[ +0.000014] =============================================================\n[ +0.000007] BUG: KASAN: use-after-free in find_components+0x468/0x500\n[ +0.000017] Read of size 8 at addr ffff000006731688 by task modprobe/2536\n[ +0.000018] CPU: 4 PID: 2536 Comm: modprobe Tainted: G C O 5.19.0-rc6-lrmbkasan+ #1\n[ +0.000010] Hardware name: Hardkernel ODROID-N2Plus (DT)\n[ +0.000008] Call trace:\n[ +0.000005] dump_backtrace+0x1ec/0x280\n[ +0.000011] show_stack+0x24/0x80\n[ +0.000007] dump_stack_lvl+0x98/0xd4\n[ +0.000010] print_address_description.constprop.0+0x80/0x520\n[ +0.000011] print_report+0x128/0x260\n[ +0.000007] kasan_report+0xb8/0xfc\n[ +0.000007] __asan_report_load8_noabort+0x3c/0x50\n[ +0.000009] find_components+0x468/0x500\n[ +0.000008] try_to_bring_up_aggregate_device+0x64/0x390\n[ +0.000009] __component_add+0x1dc/0x49c\n[ +0.000009] component_add+0x20/0x30\n[ +0.000008] meson_dw_hdmi_probe+0x28/0x34 [meson_dw_hdmi]\n[ +0.000013] platform_probe+0xd0/0x220\n[ +0.000008] really_probe+0x3ac/0xa80\n[ +0.000008] __driver_probe_device+0x1f8/0x400\n[ +0.000008] driver_probe_device+0x68/0x1b0\n[ +0.000008] __driver_attach+0x20c/0x480\n[ +0.000009] bus_for_each_dev+0x114/0x1b0\n[ +0.000007] driver_attach+0x48/0x64\n[ +0.000009] bus_add_driver+0x390/0x564\n[ +0.000007] driver_register+0x1a8/0x3e4\n[ +0.000009] __platform_driver_register+0x6c/0x94\n[ +0.000007] meson_dw_hdmi_platform_driver_init+0x30/0x1000 [meson_dw_hdmi]\n[ +0.000014] do_one_initcall+0xc4/0x2b0\n[ +0.000008] do_init_module+0x154/0x570\n[ +0.000010] load_module+0x1a78/0x1ea4\n[ +0.000008] __do_sys_init_module+0x184/0x1cc\n[ +0.000008] __arm64_sys_init_module+0x78/0xb0\n[ +0.000008] invoke_syscall+0x74/0x260\n[ +0.000008] el0_svc_common.constprop.0+0xcc/0x260\n[ +0.000009] do_el0_svc+0x50/0x70\n[ +0.000008] el0_svc+0x68/0x1a0\n[ +0.000009] el0t_64_sync_handler+0x11c/0x150\n[ +0.000009] el0t_64_sync+0x18c/0x190\n\n[ +0.000014] Allocated by task 902:\n[ +0.000007] kasan_save_stack+0x2c/0x5c\n[ +0.000009] __kasan_kmalloc+0x90/0xd0\n[ +0.000007] __kmalloc_node+0x240/0x580\n[ +0.000010] memcg_alloc_slab_cgroups+0xa4/0x1ac\n[ +0.000010] memcg_slab_post_alloc_hook+0xbc/0x4c0\n[ +0.000008] kmem_cache_alloc_node+0x1d0/0x490\n[ +0.000009] __alloc_skb+0x1d4/0x310\n[ +0.000010] alloc_skb_with_frags+0x8c/0x620\n[ +0.000008] sock_alloc_send_pskb+0x5ac/0x6d0\n[ +0.000010] unix_dgram_sendmsg+0x2e0/0x12f0\n[ +0.000010] sock_sendmsg+0xcc/0x110\n[ +0.000007] sock_write_iter+0x1d0/0x304\n[ +0.000008] new_sync_write+0x364/0x460\n[ +0.000007] vfs_write+0x420/0x5ac\n[ +0.000008] ksys_write+0x19c/0x1f0\n[ +0.000008] __arm64_sys_write+0x78/0xb0\n[ +0.000007] invoke_syscall+0x74/0x260\n[ +0.000008] el0_svc_common.constprop.0+0x1a8/0x260\n[ +0.000009] do_el0_svc+0x50/0x70\n[ +0.000007] el0_svc+0x68/0x1a0\n[ +0.000008] el0t_64_sync_handler+0x11c/0x150\n[ +0.000008] el0t_64_sync+0x18c/0x190\n\n[ +0.000013] Freed by task 2509:\n[ +0.000008] kasan_save_stack+0x2c/0x5c\n[ +0.000007] kasan_set_track+0x2c/0x40\n[ +0.000008] kasan_set_free_info+0x28/0x50\n[ +0.000008] ____kasan_slab_free+0x128/0x1d4\n[ +0.000008] __kasan_slab_free+0x18/0x24\n[ +0.000007] slab_free_freelist_hook+0x108/0x230\n[ +0.000010] \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50560",
"url": "https://www.suse.com/security/cve/CVE-2022-50560"
},
{
"category": "external",
"summary": "SUSE Bug 1252568 for CVE-2022-50560",
"url": "https://bugzilla.suse.com/1252568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50560"
},
{
"cve": "CVE-2022-50561",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50561"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: fix memory leak in iio_device_register_eventset()\n\nWhen iio_device_register_sysfs_group() returns failed,\niio_device_register_eventset() needs to free attrs array.\n\nOtherwise, kmemleak would scan \u0026 report memory leak as below:\n\nunreferenced object 0xffff88810a1cc3c0 (size 32):\n comm \"100-i2c-vcnl302\", pid 728, jiffies 4295052307 (age 156.027s)\n backtrace:\n __kmalloc+0x46/0x1b0\n iio_device_register_eventset at drivers/iio/industrialio-event.c:541\n __iio_device_register at drivers/iio/industrialio-core.c:1959\n __devm_iio_device_register at drivers/iio/industrialio-core.c:2040",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50561",
"url": "https://www.suse.com/security/cve/CVE-2022-50561"
},
{
"category": "external",
"summary": "SUSE Bug 1252474 for CVE-2022-50561",
"url": "https://bugzilla.suse.com/1252474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50561"
},
{
"cve": "CVE-2022-50562",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50562"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: acpi: Call acpi_put_table() to fix memory leak\n\nThe start and length of the event log area are obtained from\nTPM2 or TCPA table, so we call acpi_get_table() to get the\nACPI information, but the acpi_get_table() should be coupled with\nacpi_put_table() to release the ACPI memory, add the acpi_put_table()\nproperly to fix the memory leak.\n\nWhile we are at it, remove the redundant empty line at the\nend of the tpm_read_log_acpi().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50562",
"url": "https://www.suse.com/security/cve/CVE-2022-50562"
},
{
"category": "external",
"summary": "SUSE Bug 1252528 for CVE-2022-50562",
"url": "https://bugzilla.suse.com/1252528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50562"
},
{
"cve": "CVE-2022-50563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm thin: Fix UAF in run_timer_softirq()\n\nWhen dm_resume() and dm_destroy() are concurrent, it will\nlead to UAF, as follows:\n\n BUG: KASAN: use-after-free in __run_timers+0x173/0x710\n Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0\n\u003csnip\u003e\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x73/0x9f\n print_report.cold+0x132/0xaa2\n _raw_spin_lock_irqsave+0xcd/0x160\n __run_timers+0x173/0x710\n kasan_report+0xad/0x110\n __run_timers+0x173/0x710\n __asan_store8+0x9c/0x140\n __run_timers+0x173/0x710\n call_timer_fn+0x310/0x310\n pvclock_clocksource_read+0xfa/0x250\n kvm_clock_read+0x2c/0x70\n kvm_clock_get_cycles+0xd/0x20\n ktime_get+0x5c/0x110\n lapic_next_event+0x38/0x50\n clockevents_program_event+0xf1/0x1e0\n run_timer_softirq+0x49/0x90\n __do_softirq+0x16e/0x62c\n __irq_exit_rcu+0x1fa/0x270\n irq_exit_rcu+0x12/0x20\n sysvec_apic_timer_interrupt+0x8e/0xc0\n\nOne of the concurrency UAF can be shown as below:\n\n use free\ndo_resume |\n __find_device_hash_cell |\n dm_get |\n atomic_inc(\u0026md-\u003eholders) |\n | dm_destroy\n | __dm_destroy\n | if (!dm_suspended_md(md))\n | atomic_read(\u0026md-\u003eholders)\n | msleep(1)\n dm_resume |\n __dm_resume |\n dm_table_resume_targets |\n pool_resume |\n do_waker #add delay work |\n dm_put |\n atomic_dec(\u0026md-\u003eholders) |\n | dm_table_destroy\n | pool_dtr\n | __pool_dec\n | __pool_destroy\n | destroy_workqueue\n | kfree(pool) # free pool\n time out\n__do_softirq\n run_timer_softirq # pool has already been freed\n\nThis can be easily reproduced using:\n 1. create thin-pool\n 2. dmsetup suspend pool\n 3. dmsetup resume pool\n 4. dmsetup remove_all # Concurrent with 3\n\nThe root cause of this UAF bug is that dm_resume() adds timer after\ndm_destroy() skips cancelling the timer because of suspend status.\nAfter timeout, it will call run_timer_softirq(), however pool has\nalready been freed. The concurrency UAF bug will happen.\n\nTherefore, cancelling timer again in __pool_destroy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50563",
"url": "https://www.suse.com/security/cve/CVE-2022-50563"
},
{
"category": "external",
"summary": "SUSE Bug 1252480 for CVE-2022-50563",
"url": "https://bugzilla.suse.com/1252480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50563"
},
{
"cve": "CVE-2022-50564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50564"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/netiucv: Fix return type of netiucv_tx()\n\nWith clang\u0027s kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),\nindirect call targets are validated against the expected function\npointer prototype to make sure the call target is valid to help mitigate\nROP attacks. If they are not identical, there is a failure at run time,\nwhich manifests as either a kernel panic or thread getting killed. A\nproposed warning in clang aims to catch these at compile time, which\nreveals:\n\n drivers/s390/net/netiucv.c:1854:21: error: incompatible function pointer types initializing \u0027netdev_tx_t (*)(struct sk_buff *, struct net_device *)\u0027 (aka \u0027enum netdev_tx (*)(struct sk_buff *, struct net_device *)\u0027) with an expression of type \u0027int (struct sk_buff *, struct net_device *)\u0027 [-Werror,-Wincompatible-function-pointer-types-strict]\n .ndo_start_xmit = netiucv_tx,\n ^~~~~~~~~~\n\n-\u003endo_start_xmit() in \u0027struct net_device_ops\u0027 expects a return type of\n\u0027netdev_tx_t\u0027, not \u0027int\u0027. Adjust the return type of netiucv_tx() to\nmatch the prototype\u0027s to resolve the warning and potential CFI failure,\nshould s390 select ARCH_SUPPORTS_CFI_CLANG in the future.\n\nAdditionally, while in the area, remove a comment block that is no\nlonger relevant.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50564",
"url": "https://www.suse.com/security/cve/CVE-2022-50564"
},
{
"category": "external",
"summary": "SUSE Bug 1252538 for CVE-2022-50564",
"url": "https://bugzilla.suse.com/1252538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50564"
},
{
"cve": "CVE-2022-50566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: Fix device name leak when register device failed in add_mtd_device()\n\nThere is a kmemleak when register device failed:\n unreferenced object 0xffff888101aab550 (size 8):\n comm \"insmod\", pid 3922, jiffies 4295277753 (age 925.408s)\n hex dump (first 8 bytes):\n 6d 74 64 30 00 88 ff ff mtd0....\n backtrace:\n [\u003c00000000bde26724\u003e] __kmalloc_node_track_caller+0x4e/0x150\n [\u003c000000003c32b416\u003e] kvasprintf+0xb0/0x130\n [\u003c000000001f7a8f15\u003e] kobject_set_name_vargs+0x2f/0xb0\n [\u003c000000006e781163\u003e] dev_set_name+0xab/0xe0\n [\u003c00000000e30d0c78\u003e] add_mtd_device+0x4bb/0x700\n [\u003c00000000f3d34de7\u003e] mtd_device_parse_register+0x2ac/0x3f0\n [\u003c00000000c0d88488\u003e] 0xffffffffa0238457\n [\u003c00000000b40d0922\u003e] 0xffffffffa02a008f\n [\u003c0000000023d17b9d\u003e] do_one_initcall+0x87/0x2a0\n [\u003c00000000770f6ca6\u003e] do_init_module+0xdf/0x320\n [\u003c000000007b6768fe\u003e] load_module+0x2f98/0x3330\n [\u003c00000000346bed5a\u003e] __do_sys_finit_module+0x113/0x1b0\n [\u003c00000000674c2290\u003e] do_syscall_64+0x35/0x80\n [\u003c000000004c6a8d97\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nIf register device failed, should call put_device() to give up the\nreference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50566",
"url": "https://www.suse.com/security/cve/CVE-2022-50566"
},
{
"category": "external",
"summary": "SUSE Bug 1252484 for CVE-2022-50566",
"url": "https://bugzilla.suse.com/1252484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50566"
},
{
"cve": "CVE-2022-50567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50567"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: jfs: fix shift-out-of-bounds in dbAllocAG\n\nSyzbot found a crash : UBSAN: shift-out-of-bounds in dbAllocAG. The\nunderlying bug is the missing check of bmp-\u003edb_agl2size. The field can\nbe greater than 64 and trigger the shift-out-of-bounds.\n\nFix this bug by adding a check of bmp-\u003edb_agl2size in dbMount since this\nfield is used in many following functions. The upper bound for this\nfield is L2MAXL2SIZE - L2MAXAG, thanks for the help of Dave Kleikamp.\nNote that, for maintenance, I reorganized error handling code of dbMount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50567",
"url": "https://www.suse.com/security/cve/CVE-2022-50567"
},
{
"category": "external",
"summary": "SUSE Bug 1252486 for CVE-2022-50567",
"url": "https://bugzilla.suse.com/1252486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50567"
},
{
"cve": "CVE-2022-50568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_hid: fix f_hidg lifetime vs cdev\n\nThe embedded struct cdev does not have its lifetime correctly tied to\nthe enclosing struct f_hidg, so there is a use-after-free if /dev/hidgN\nis held open while the gadget is deleted.\n\nThis can readily be replicated with libusbgx\u0027s example programs (for\nconciseness - operating directly via configfs is equivalent):\n\n\tgadget-hid\n\texec 3\u003c\u003e /dev/hidg0\n\tgadget-vid-pid-remove\n\texec 3\u003c\u0026-\n\nPull the existing device up in to struct f_hidg and make use of the\ncdev_device_{add,del}() helpers. This changes the lifetime of the\ndevice object to match struct f_hidg, but note that it is still added\nand deleted at the same time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50568",
"url": "https://www.suse.com/security/cve/CVE-2022-50568"
},
{
"category": "external",
"summary": "SUSE Bug 1252523 for CVE-2022-50568",
"url": "https://bugzilla.suse.com/1252523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50568"
},
{
"cve": "CVE-2022-50570",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50570"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/chrome: fix memory corruption in ioctl\n\nIf \"s_mem.bytes\" is larger than the buffer size it leads to memory\ncorruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50570",
"url": "https://www.suse.com/security/cve/CVE-2022-50570"
},
{
"category": "external",
"summary": "SUSE Bug 1252475 for CVE-2022-50570",
"url": "https://bugzilla.suse.com/1252475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50570"
},
{
"cve": "CVE-2022-50572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link()\n\nThe of_get_next_child() returns a node with refcount incremented, and\ndecrements the refcount of prev. So in the error path of the while loop,\nof_node_put() needs be called for cpu_ep.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50572",
"url": "https://www.suse.com/security/cve/CVE-2022-50572"
},
{
"category": "external",
"summary": "SUSE Bug 1252526 for CVE-2022-50572",
"url": "https://bugzilla.suse.com/1252526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50572"
},
{
"cve": "CVE-2022-50574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50574"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/omap: dss: Fix refcount leak bugs\n\nIn dss_init_ports() and __dss_uninit_ports(), we should call\nof_node_put() for the reference returned by of_graph_get_port_by_id()\nin fail path or when it is not used anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50574",
"url": "https://www.suse.com/security/cve/CVE-2022-50574"
},
{
"category": "external",
"summary": "SUSE Bug 1252516 for CVE-2022-50574",
"url": "https://bugzilla.suse.com/1252516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50574"
},
{
"cve": "CVE-2022-50575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50575"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()\n\nAs \u0027kdata.num\u0027 is user-controlled data, if user tries to allocate\nmemory larger than(\u003e=) MAX_ORDER, then kcalloc() will fail, it\ncreates a stack trace and messes up dmesg with a warning.\n\nCall trace:\n-\u003e privcmd_ioctl\n--\u003e privcmd_ioctl_mmap_resource\n\nAdd __GFP_NOWARN in order to avoid too large allocation warning.\nThis is detected by static analysis using smatch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50575",
"url": "https://www.suse.com/security/cve/CVE-2022-50575"
},
{
"category": "external",
"summary": "SUSE Bug 1252509 for CVE-2022-50575",
"url": "https://bugzilla.suse.com/1252509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2022-50575"
},
{
"cve": "CVE-2022-50576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: pch: Fix PCI device refcount leak in pch_request_dma()\n\nAs comment of pci_get_slot() says, it returns a pci_device with its\nrefcount increased. The caller must decrement the reference count by\ncalling pci_dev_put().\n\nSince \u0027dma_dev\u0027 is only used to filter the channel in filter(), we can\ncall pci_dev_put() before exiting from pch_request_dma(). Add the\nmissing pci_dev_put() for the normal and error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50576",
"url": "https://www.suse.com/security/cve/CVE-2022-50576"
},
{
"category": "external",
"summary": "SUSE Bug 1252508 for CVE-2022-50576",
"url": "https://bugzilla.suse.com/1252508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50576"
},
{
"cve": "CVE-2022-50577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50577"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix memory leak in __ima_inode_hash()\n\nCommit f3cc6b25dcc5 (\"ima: always measure and audit files in policy\") lets\nmeasurement or audit happen even if the file digest cannot be calculated.\n\nAs a result, iint-\u003eima_hash could have been allocated despite\nima_collect_measurement() returning an error.\n\nSince ima_hash belongs to a temporary inode metadata structure, declared\nat the beginning of __ima_inode_hash(), just add a kfree() call if\nima_collect_measurement() returns an error different from -ENOMEM (in that\ncase, ima_hash should not have been allocated).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50577",
"url": "https://www.suse.com/security/cve/CVE-2022-50577"
},
{
"category": "external",
"summary": "SUSE Bug 1252473 for CVE-2022-50577",
"url": "https://bugzilla.suse.com/1252473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50577"
},
{
"cve": "CVE-2022-50578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50578"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclass: fix possible memory leak in __class_register()\n\nIf class_add_groups() returns error, the \u0027cp-\u003esubsys\u0027 need be\nunregister, and the \u0027cp\u0027 need be freed.\n\nWe can not call kset_unregister() here, because the \u0027cls\u0027 will\nbe freed in callback function class_release() and it\u0027s also\nfreed in caller\u0027s error path, it will cause double free.\n\nSo fix this by calling kobject_del() and kfree_const(name) to\ncleanup kobject. Besides, call kfree() to free the \u0027cp\u0027.\n\nFault injection test can trigger this:\n\nunreferenced object 0xffff888102fa8190 (size 8):\n comm \"modprobe\", pid 502, jiffies 4294906074 (age 49.296s)\n hex dump (first 8 bytes):\n 70 6b 74 63 64 76 64 00 pktcdvd.\n backtrace:\n [\u003c00000000e7c7703d\u003e] __kmalloc_track_caller+0x1ae/0x320\n [\u003c000000005e4d70bc\u003e] kstrdup+0x3a/0x70\n [\u003c00000000c2e5e85a\u003e] kstrdup_const+0x68/0x80\n [\u003c000000000049a8c7\u003e] kvasprintf_const+0x10b/0x190\n [\u003c0000000029123163\u003e] kobject_set_name_vargs+0x56/0x150\n [\u003c00000000747219c9\u003e] kobject_set_name+0xab/0xe0\n [\u003c0000000005f1ea4e\u003e] __class_register+0x15c/0x49a\n\nunreferenced object 0xffff888037274000 (size 1024):\n comm \"modprobe\", pid 502, jiffies 4294906074 (age 49.296s)\n hex dump (first 32 bytes):\n 00 40 27 37 80 88 ff ff 00 40 27 37 80 88 ff ff .@\u00277.....@\u00277....\n 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........\n backtrace:\n [\u003c00000000151f9600\u003e] kmem_cache_alloc_trace+0x17c/0x2f0\n [\u003c00000000ecf3dd95\u003e] __class_register+0x86/0x49a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50578",
"url": "https://www.suse.com/security/cve/CVE-2022-50578"
},
{
"category": "external",
"summary": "SUSE Bug 1252519 for CVE-2022-50578",
"url": "https://bugzilla.suse.com/1252519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50578"
},
{
"cve": "CVE-2022-50579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: ftrace: fix module PLTs with mcount\n\nLi Huafei reports that mcount-based ftrace with module PLTs was broken\nby commit:\n\n a6253579977e4c6f (\"arm64: ftrace: consistently handle PLTs.\")\n\nWhen a module PLTs are used and a module is loaded sufficiently far away\nfrom the kernel, we\u0027ll create PLTs for any branches which are\nout-of-range. These are separate from the special ftrace trampoline\nPLTs, which the module PLT code doesn\u0027t directly manipulate.\n\nWhen mcount is in use this is a problem, as each mcount callsite in a\nmodule will be initialized to point to a module PLT, but since commit\na6253579977e4c6f ftrace_make_nop() will assume that the callsite has\nbeen initialized to point to the special ftrace trampoline PLT, and\nftrace_find_callable_addr() rejects other cases.\n\nThis means that when ftrace tries to initialize a callsite via\nftrace_make_nop(), the call to ftrace_find_callable_addr() will find\nthat the `_mcount` stub is out-of-range and is not handled by the ftrace\nPLT, resulting in a splat:\n\n| ftrace_test: loading out-of-tree module taints kernel.\n| ftrace: no module PLT for _mcount\n| ------------[ ftrace bug ]------------\n| ftrace failed to modify\n| [\u003cffff800029180014\u003e] 0xffff800029180014\n| actual: 44:00:00:94\n| Initializing ftrace call sites\n| ftrace record flags: 2000000\n| (0)\n| expected tramp: ffff80000802eb3c\n| ------------[ cut here ]------------\n| WARNING: CPU: 3 PID: 157 at kernel/trace/ftrace.c:2120 ftrace_bug+0x94/0x270\n| Modules linked in:\n| CPU: 3 PID: 157 Comm: insmod Tainted: G O 6.0.0-rc6-00151-gcd722513a189-dirty #22\n| Hardware name: linux,dummy-virt (DT)\n| pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : ftrace_bug+0x94/0x270\n| lr : ftrace_bug+0x21c/0x270\n| sp : ffff80000b2bbaf0\n| x29: ffff80000b2bbaf0 x28: 0000000000000000 x27: ffff0000c4d38000\n| x26: 0000000000000001 x25: ffff800009d7e000 x24: ffff0000c4d86e00\n| x23: 0000000002000000 x22: ffff80000a62b000 x21: ffff8000098ebea8\n| x20: ffff0000c4d38000 x19: ffff80000aa24158 x18: ffffffffffffffff\n| x17: 0000000000000000 x16: 0a0d2d2d2d2d2d2d x15: ffff800009aa9118\n| x14: 0000000000000000 x13: 6333626532303830 x12: 3030303866666666\n| x11: 203a706d61727420 x10: 6465746365707865 x9 : 3362653230383030\n| x8 : c0000000ffffefff x7 : 0000000000017fe8 x6 : 000000000000bff4\n| x5 : 0000000000057fa8 x4 : 0000000000000000 x3 : 0000000000000001\n| x2 : ad2cb14bb5438900 x1 : 0000000000000000 x0 : 0000000000000022\n| Call trace:\n| ftrace_bug+0x94/0x270\n| ftrace_process_locs+0x308/0x430\n| ftrace_module_init+0x44/0x60\n| load_module+0x15b4/0x1ce8\n| __do_sys_init_module+0x1ec/0x238\n| __arm64_sys_init_module+0x24/0x30\n| invoke_syscall+0x54/0x118\n| el0_svc_common.constprop.4+0x84/0x100\n| do_el0_svc+0x3c/0xd0\n| el0_svc+0x1c/0x50\n| el0t_64_sync_handler+0x90/0xb8\n| el0t_64_sync+0x15c/0x160\n| ---[ end trace 0000000000000000 ]---\n| ---------test_init-----------\n\nFix this by reverting to the old behaviour of ignoring the old\ninstruction when initialising an mcount callsite in a module, which was\nthe behaviour prior to commit a6253579977e4c6f.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50579",
"url": "https://www.suse.com/security/cve/CVE-2022-50579"
},
{
"category": "external",
"summary": "SUSE Bug 1252521 for CVE-2022-50579",
"url": "https://bugzilla.suse.com/1252521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50579"
},
{
"cve": "CVE-2022-50580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-throttle: prevent overflow while calculating wait time\n\nThere is a problem found by code review in tg_with_in_bps_limit() that\n\u0027bps_limit * jiffy_elapsed_rnd\u0027 might overflow. Fix the problem by\ncalling mul_u64_u64_div_u64() instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50580",
"url": "https://www.suse.com/security/cve/CVE-2022-50580"
},
{
"category": "external",
"summary": "SUSE Bug 1252542 for CVE-2022-50580",
"url": "https://bugzilla.suse.com/1252542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50580"
},
{
"cve": "CVE-2022-50581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfs: fix OOB Read in __hfs_brec_find\n\nSyzbot reported a OOB read bug:\n\n==================================================================\nBUG: KASAN: slab-out-of-bounds in hfs_strcmp+0x117/0x190\nfs/hfs/string.c:84\nRead of size 1 at addr ffff88807eb62c4e by task kworker/u4:1/11\nCPU: 1 PID: 11 Comm: kworker/u4:1 Not tainted\n6.1.0-rc6-syzkaller-00308-g644e9524388a #0\nWorkqueue: writeback wb_workfn (flush-7:0)\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n print_address_description+0x74/0x340 mm/kasan/report.c:284\n print_report+0x107/0x1f0 mm/kasan/report.c:395\n kasan_report+0xcd/0x100 mm/kasan/report.c:495\n hfs_strcmp+0x117/0x190 fs/hfs/string.c:84\n __hfs_brec_find+0x213/0x5c0 fs/hfs/bfind.c:75\n hfs_brec_find+0x276/0x520 fs/hfs/bfind.c:138\n hfs_write_inode+0x34c/0xb40 fs/hfs/inode.c:462\n write_inode fs/fs-writeback.c:1440 [inline]\n\nIf the input inode of hfs_write_inode() is incorrect:\nstruct inode\n struct hfs_inode_info\n struct hfs_cat_key\n struct hfs_name\n u8 len # len is greater than HFS_NAMELEN(31) which is the\nmaximum length of an HFS filename\n\nOOB read occurred:\nhfs_write_inode()\n hfs_brec_find()\n __hfs_brec_find()\n hfs_cat_keycmp()\n hfs_strcmp() # OOB read occurred due to len is too large\n\nFix this by adding a Check on len in hfs_write_inode() before calling\nhfs_brec_find().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50581",
"url": "https://www.suse.com/security/cve/CVE-2022-50581"
},
{
"category": "external",
"summary": "SUSE Bug 1252549 for CVE-2022-50581",
"url": "https://bugzilla.suse.com/1252549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2022-50581"
},
{
"cve": "CVE-2022-50582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: Prevent integer underflow\n\nBy using a ratio of delay to poll_enabled_time that is not integer\ntime_remaining underflows and does not exit the loop as expected.\nAs delay could be derived from DT and poll_enabled_time is defined\nin the driver this can easily happen.\n\nUse a signed iterator to make sure that the loop exits once\nthe remaining time is negative.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50582",
"url": "https://www.suse.com/security/cve/CVE-2022-50582"
},
{
"category": "external",
"summary": "SUSE Bug 1252476 for CVE-2022-50582",
"url": "https://bugzilla.suse.com/1252476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2022-50582"
},
{
"cve": "CVE-2023-52923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: adapt set backend to use GC transaction API\n\nUse the GC transaction API to replace the old and buggy gc API and the\nbusy mark approach.\n\nNo set elements are removed from async garbage collection anymore,\ninstead the _DEAD bit is set on so the set element is not visible from\nlookup path anymore. Async GC enqueues transaction work that might be\naborted and retried later.\n\nrbtree and pipapo set backends does not set on the _DEAD bit from the\nsync GC path since this runs in control plane path where mutex is held.\nIn this case, set elements are deactivated, removed and then released\nvia RCU callback, sync GC never fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52923",
"url": "https://www.suse.com/security/cve/CVE-2023-52923"
},
{
"category": "external",
"summary": "SUSE Bug 1236104 for CVE-2023-52923",
"url": "https://bugzilla.suse.com/1236104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-52923"
},
{
"cve": "CVE-2023-53365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53365"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6mr: Fix skb_under_panic in ip6mr_cache_report()\n\nskbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4\n head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:192!\n invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: ipv6_addrconf addrconf_dad_work\n RIP: 0010:skb_panic+0x152/0x1d0\n Call Trace:\n \u003cTASK\u003e\n skb_push+0xc4/0xe0\n ip6mr_cache_report+0xd69/0x19b0\n reg_vif_xmit+0x406/0x690\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n vlan_dev_hard_start_xmit+0x3ab/0x5c0\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n neigh_connected_output+0x3ed/0x570\n ip6_finish_output2+0x5b5/0x1950\n ip6_finish_output+0x693/0x11c0\n ip6_output+0x24b/0x880\n NF_HOOK.constprop.0+0xfd/0x530\n ndisc_send_skb+0x9db/0x1400\n ndisc_send_rs+0x12a/0x6c0\n addrconf_dad_completed+0x3c9/0xea0\n addrconf_dad_work+0x849/0x1420\n process_one_work+0xa22/0x16e0\n worker_thread+0x679/0x10c0\n ret_from_fork+0x28/0x60\n ret_from_fork_asm+0x11/0x20\n\nWhen setup a vlan device on dev pim6reg, DAD ns packet may sent on reg_vif_xmit().\nreg_vif_xmit()\n ip6mr_cache_report()\n skb_push(skb, -skb_network_offset(pkt));//skb_network_offset(pkt) is 4\nAnd skb_push declared as:\n\tvoid *skb_push(struct sk_buff *skb, unsigned int len);\n\t\tskb-\u003edata -= len;\n\t\t//0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850\nskb-\u003edata is set to 0xffff887f5f86a850, which is invalid mem addr, lead to skb_push() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53365",
"url": "https://www.suse.com/security/cve/CVE-2023-53365"
},
{
"category": "external",
"summary": "SUSE Bug 1249988 for CVE-2023-53365",
"url": "https://bugzilla.suse.com/1249988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53365"
},
{
"cve": "CVE-2023-53500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: fix slab-use-after-free in decode_session6\n\nWhen the xfrm device is set to the qdisc of the sfb type, the cb field\nof the sent skb may be modified during enqueuing. Then,\nslab-use-after-free may occur when the xfrm device sends IPv6 packets.\n\nThe stack information is as follows:\nBUG: KASAN: slab-use-after-free in decode_session6+0x103f/0x1890\nRead of size 1 at addr ffff8881111458ef by task swapper/3/0\nCPU: 3 PID: 0 Comm: swapper/3 Not tainted 6.4.0-next-20230707 #409\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 04/01/2014\nCall Trace:\n\u003cIRQ\u003e\ndump_stack_lvl+0xd9/0x150\nprint_address_description.constprop.0+0x2c/0x3c0\nkasan_report+0x11d/0x130\ndecode_session6+0x103f/0x1890\n__xfrm_decode_session+0x54/0xb0\nxfrmi_xmit+0x173/0x1ca0\ndev_hard_start_xmit+0x187/0x700\nsch_direct_xmit+0x1a3/0xc30\n__qdisc_run+0x510/0x17a0\n__dev_queue_xmit+0x2215/0x3b10\nneigh_connected_output+0x3c2/0x550\nip6_finish_output2+0x55a/0x1550\nip6_finish_output+0x6b9/0x1270\nip6_output+0x1f1/0x540\nndisc_send_skb+0xa63/0x1890\nndisc_send_rs+0x132/0x6f0\naddrconf_rs_timer+0x3f1/0x870\ncall_timer_fn+0x1a0/0x580\nexpire_timers+0x29b/0x4b0\nrun_timer_softirq+0x326/0x910\n__do_softirq+0x1d4/0x905\nirq_exit_rcu+0xb7/0x120\nsysvec_apic_timer_interrupt+0x97/0xc0\n\u003c/IRQ\u003e\n\u003cTASK\u003e\nasm_sysvec_apic_timer_interrupt+0x1a/0x20\nRIP: 0010:intel_idle_hlt+0x23/0x30\nCode: 1f 84 00 00 00 00 00 f3 0f 1e fa 41 54 41 89 d4 0f 1f 44 00 00 66 90 0f 1f 44 00 00 0f 00 2d c4 9f ab 00 0f 1f 44 00 00 fb f4 \u003cfa\u003e 44 89 e0 41 5c c3 66 0f 1f 44 00 00 f3 0f 1e fa 41 54 41 89 d4\nRSP: 0018:ffffc90000197d78 EFLAGS: 00000246\nRAX: 00000000000a83c3 RBX: ffffe8ffffd09c50 RCX: ffffffff8a22d8e5\nRDX: 0000000000000001 RSI: ffffffff8d3f8080 RDI: ffffe8ffffd09c50\nRBP: ffffffff8d3f8080 R08: 0000000000000001 R09: ffffed1026ba6d9d\nR10: ffff888135d36ceb R11: 0000000000000001 R12: 0000000000000001\nR13: ffffffff8d3f8100 R14: 0000000000000001 R15: 0000000000000000\ncpuidle_enter_state+0xd3/0x6f0\ncpuidle_enter+0x4e/0xa0\ndo_idle+0x2fe/0x3c0\ncpu_startup_entry+0x18/0x20\nstart_secondary+0x200/0x290\nsecondary_startup_64_no_verify+0x167/0x16b\n\u003c/TASK\u003e\nAllocated by task 939:\nkasan_save_stack+0x22/0x40\nkasan_set_track+0x25/0x30\n__kasan_slab_alloc+0x7f/0x90\nkmem_cache_alloc_node+0x1cd/0x410\nkmalloc_reserve+0x165/0x270\n__alloc_skb+0x129/0x330\ninet6_ifa_notify+0x118/0x230\n__ipv6_ifa_notify+0x177/0xbe0\naddrconf_dad_completed+0x133/0xe00\naddrconf_dad_work+0x764/0x1390\nprocess_one_work+0xa32/0x16f0\nworker_thread+0x67d/0x10c0\nkthread+0x344/0x440\nret_from_fork+0x1f/0x30\nThe buggy address belongs to the object at ffff888111145800\nwhich belongs to the cache skbuff_small_head of size 640\nThe buggy address is located 239 bytes inside of\nfreed 640-byte region [ffff888111145800, ffff888111145a80)\n\nAs commit f855691975bb (\"xfrm6: Fix the nexthdr offset in\n_decode_session6.\") showed, xfrm_decode_session was originally intended\nonly for the receive path. IP6CB(skb)-\u003enhoff is not set during\ntransmission. Therefore, set the cb field in the skb to 0 before\nsending packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53500",
"url": "https://www.suse.com/security/cve/CVE-2023-53500"
},
{
"category": "external",
"summary": "SUSE Bug 1250816 for CVE-2023-53500",
"url": "https://bugzilla.suse.com/1250816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53500"
},
{
"cve": "CVE-2023-53533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53533"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: raspberrypi-ts - fix refcount leak in rpi_ts_probe\n\nrpi_firmware_get() take reference, we need to release it in error paths\nas well. Use devm_rpi_firmware_get() helper to handling the resources.\nAlso remove the existing rpi_firmware_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53533",
"url": "https://www.suse.com/security/cve/CVE-2023-53533"
},
{
"category": "external",
"summary": "SUSE Bug 1251080 for CVE-2023-53533",
"url": "https://bugzilla.suse.com/1251080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53533"
},
{
"cve": "CVE-2023-53534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc\n\nAs the devm_kcalloc may return NULL, the return value needs to be checked\nto avoid NULL poineter dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53534",
"url": "https://www.suse.com/security/cve/CVE-2023-53534"
},
{
"category": "external",
"summary": "SUSE Bug 1251082 for CVE-2023-53534",
"url": "https://bugzilla.suse.com/1251082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53534"
},
{
"cve": "CVE-2023-53539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix incomplete state save in rxe_requester\n\nIf a send packet is dropped by the IP layer in rxe_requester()\nthe call to rxe_xmit_packet() can fail with err == -EAGAIN.\nTo recover, the state of the wqe is restored to the state before\nthe packet was sent so it can be resent. However, the routines\nthat save and restore the state miss a significnt part of the\nvariable state in the wqe, the dma struct which is used to process\nthrough the sge table. And, the state is not saved before the packet\nis built which modifies the dma struct.\n\nUnder heavy stress testing with many QPs on a fast node sending\nlarge messages to a slow node dropped packets are observed and\nthe resent packets are corrupted because the dma struct was not\nrestored. This patch fixes this behavior and allows the test cases\nto succeed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53539",
"url": "https://www.suse.com/security/cve/CVE-2023-53539"
},
{
"category": "external",
"summary": "SUSE Bug 1251060 for CVE-2023-53539",
"url": "https://bugzilla.suse.com/1251060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53539"
},
{
"cve": "CVE-2023-53541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write\n\nWhen the oob buffer length is not in multiple of words, the oob write\nfunction does out-of-bounds read on the oob source buffer at the last\niteration. Fix that by always checking length limit on the oob buffer\nread and fill with 0xff when reaching the end of the buffer to the oob\nregisters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53541",
"url": "https://www.suse.com/security/cve/CVE-2023-53541"
},
{
"category": "external",
"summary": "SUSE Bug 1251043 for CVE-2023-53541",
"url": "https://bugzilla.suse.com/1251043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53541"
},
{
"cve": "CVE-2023-53542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53542"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy\n\nFor some reason, the driver adding support for Exynos5420 MIPI phy\nback in 2016 wasn\u0027t used on Exynos5420, which caused a kernel panic.\nAdd the proper compatible for it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53542",
"url": "https://www.suse.com/security/cve/CVE-2023-53542"
},
{
"category": "external",
"summary": "SUSE Bug 1251154 for CVE-2023-53542",
"url": "https://bugzilla.suse.com/1251154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53542"
},
{
"cve": "CVE-2023-53546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx\n\nwhen mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory\npointed by \u0027in\u0027 is not released, which will cause memory leak. Move memory\nrelease after mlx5_cmd_exec.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53546",
"url": "https://www.suse.com/security/cve/CVE-2023-53546"
},
{
"category": "external",
"summary": "SUSE Bug 1251079 for CVE-2023-53546",
"url": "https://bugzilla.suse.com/1251079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53546"
},
{
"cve": "CVE-2023-53547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53547"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix sdma v4 sw fini error\n\nFix sdma v4 sw fini error for sdma 4.2.2 to\nsolve the following general protection fault\n\n[ +0.108196] general protection fault, probably for non-canonical\naddress 0xd5e5a4ae79d24a32: 0000 [#1] PREEMPT SMP PTI\n[ +0.000018] RIP: 0010:free_fw_priv+0xd/0x70\n[ +0.000022] Call Trace:\n[ +0.000012] \u003cTASK\u003e\n[ +0.000011] release_firmware+0x55/0x80\n[ +0.000021] amdgpu_ucode_release+0x11/0x20 [amdgpu]\n[ +0.000415] amdgpu_sdma_destroy_inst_ctx+0x4f/0x90 [amdgpu]\n[ +0.000360] sdma_v4_0_sw_fini+0xce/0x110 [amdgpu]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53547",
"url": "https://www.suse.com/security/cve/CVE-2023-53547"
},
{
"category": "external",
"summary": "SUSE Bug 1251221 for CVE-2023-53547",
"url": "https://bugzilla.suse.com/1251221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53547"
},
{
"cve": "CVE-2023-53548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb\n\nThe syzbot fuzzer identified a problem in the usbnet driver:\n\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\nModules linked in:\nCPU: 0 PID: 754 Comm: kworker/0:2 Not tainted 6.4.0-rc7-syzkaller-00014-g692b7dc87ca6 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\nCode: 7c 24 18 e8 2c b4 5b fb 48 8b 7c 24 18 e8 42 07 f0 fe 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 a0 c9 fc 8a e8 5a 6f 23 fb \u003c0f\u003e 0b e9 58 f8 ff ff e8 fe b3 5b fb 48 81 c5 c0 05 00 00 e9 84 f7\nRSP: 0018:ffffc9000463f568 EFLAGS: 00010086\nRAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000\nRDX: ffff88801eb28000 RSI: ffffffff814c03b7 RDI: 0000000000000001\nRBP: ffff8881443b7190 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000003\nR13: ffff88802a77cb18 R14: 0000000000000003 R15: ffff888018262500\nFS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556a99c15a18 CR3: 0000000028c71000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0xfe5/0x2190 drivers/net/usb/usbnet.c:1453\n __netdev_start_xmit include/linux/netdevice.h:4918 [inline]\n netdev_start_xmit include/linux/netdevice.h:4932 [inline]\n xmit_one net/core/dev.c:3578 [inline]\n dev_hard_start_xmit+0x187/0x700 net/core/dev.c:3594\n...\n\nThis bug is caused by the fact that usbnet trusts the bulk endpoint\naddresses its probe routine receives in the driver_info structure, and\nit does not check to see that these endpoints actually exist and have\nthe expected type and directions.\n\nThe fix is simply to add such a check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53548",
"url": "https://www.suse.com/security/cve/CVE-2023-53548"
},
{
"category": "external",
"summary": "SUSE Bug 1251066 for CVE-2023-53548",
"url": "https://bugzilla.suse.com/1251066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53548"
},
{
"cve": "CVE-2023-53551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53551"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_serial: Add null pointer check in gserial_resume\n\nConsider a case where gserial_disconnect has already cleared\ngser-\u003eioport. And if a wakeup interrupt triggers afterwards,\ngserial_resume gets called, which will lead to accessing of\ngser-\u003eioport and thus causing null pointer dereference.Add\na null pointer check to prevent this.\n\nAdded a static spinlock to prevent gser-\u003eioport from becoming\nnull after the newly added check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53551",
"url": "https://www.suse.com/security/cve/CVE-2023-53551"
},
{
"category": "external",
"summary": "SUSE Bug 1251063 for CVE-2023-53551",
"url": "https://bugzilla.suse.com/1251063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53551"
},
{
"cve": "CVE-2023-53552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53552"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: mark requests for GuC virtual engines to avoid use-after-free\n\nReferences to i915_requests may be trapped by userspace inside a\nsync_file or dmabuf (dma-resv) and held indefinitely across different\nproceses. To counter-act the memory leaks, we try to not to keep\nreferences from the request past their completion.\nOn the other side on fence release we need to know if rq-\u003eengine\nis valid and points to hw engine (true for non-virtual requests).\nTo make it possible extra bit has been added to rq-\u003eexecution_mask,\nfor marking virtual engines.\n\n(cherry picked from commit 280410677af763f3871b93e794a199cfcf6fb580)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53552",
"url": "https://www.suse.com/security/cve/CVE-2023-53552"
},
{
"category": "external",
"summary": "SUSE Bug 1251065 for CVE-2023-53552",
"url": "https://bugzilla.suse.com/1251065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53552"
},
{
"cve": "CVE-2023-53553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hyperv: avoid struct memcpy overrun warning\n\nA previous patch addressed the fortified memcpy warning for most\nbuilds, but I still see this one with gcc-9:\n\nIn file included from include/linux/string.h:254,\n from drivers/hid/hid-hyperv.c:8:\nIn function \u0027fortify_memcpy_chk\u0027,\n inlined from \u0027mousevsc_on_receive\u0027 at drivers/hid/hid-hyperv.c:272:3:\ninclude/linux/fortify-string.h:583:4: error: call to \u0027__write_overflow_field\u0027 declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]\n 583 | __write_overflow_field(p_size_field, size);\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMy guess is that the WARN_ON() itself is what confuses gcc, so it no\nlonger sees that there is a correct range check. Rework the code in a\nway that helps readability and avoids the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53553",
"url": "https://www.suse.com/security/cve/CVE-2023-53553"
},
{
"category": "external",
"summary": "SUSE Bug 1251068 for CVE-2023-53553",
"url": "https://bugzilla.suse.com/1251068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53553"
},
{
"cve": "CVE-2023-53554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53554"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()\n\nThe \"exc-\u003ekey_len\" is a u16 that comes from the user. If it\u0027s over\nIW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53554",
"url": "https://www.suse.com/security/cve/CVE-2023-53554"
},
{
"category": "external",
"summary": "SUSE Bug 1251057 for CVE-2023-53554",
"url": "https://bugzilla.suse.com/1251057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53554"
},
{
"cve": "CVE-2023-53556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix use-after-free in free_netdev\n\nWe do netif_napi_add() for all allocated q_vectors[], but potentially\ndo netif_napi_del() for part of them, then kfree q_vectors and leave\ninvalid pointers at dev-\u003enapi_list.\n\nReproducer:\n\n [root@host ~]# cat repro.sh\n #!/bin/bash\n\n pf_dbsf=\"0000:41:00.0\"\n vf0_dbsf=\"0000:41:02.0\"\n g_pids=()\n\n function do_set_numvf()\n {\n echo 2 \u003e/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n echo 0 \u003e/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n }\n\n function do_set_channel()\n {\n local nic=$(ls -1 --indicator-style=none /sys/bus/pci/devices/${vf0_dbsf}/net/)\n [ -z \"$nic\" ] \u0026\u0026 { sleep $((RANDOM%3)) ; return 1; }\n ifconfig $nic 192.168.18.5 netmask 255.255.255.0\n ifconfig $nic up\n ethtool -L $nic combined 1\n ethtool -L $nic combined 4\n sleep $((RANDOM%3))\n }\n\n function on_exit()\n {\n local pid\n for pid in \"${g_pids[@]}\"; do\n kill -0 \"$pid\" \u0026\u003e/dev/null \u0026\u0026 kill \"$pid\" \u0026\u003e/dev/null\n done\n g_pids=()\n }\n\n trap \"on_exit; exit\" EXIT\n\n while :; do do_set_numvf ; done \u0026\n g_pids+=($!)\n while :; do do_set_channel ; done \u0026\n g_pids+=($!)\n\n wait\n\nResult:\n\n[ 4093.900222] ==================================================================\n[ 4093.900230] BUG: KASAN: use-after-free in free_netdev+0x308/0x390\n[ 4093.900232] Read of size 8 at addr ffff88b4dc145640 by task repro.sh/6699\n[ 4093.900233]\n[ 4093.900236] CPU: 10 PID: 6699 Comm: repro.sh Kdump: loaded Tainted: G O --------- -t - 4.18.0 #1\n[ 4093.900238] Hardware name: Powerleader PR2008AL/H12DSi-N6, BIOS 2.0 04/09/2021\n[ 4093.900239] Call Trace:\n[ 4093.900244] dump_stack+0x71/0xab\n[ 4093.900249] print_address_description+0x6b/0x290\n[ 4093.900251] ? free_netdev+0x308/0x390\n[ 4093.900252] kasan_report+0x14a/0x2b0\n[ 4093.900254] free_netdev+0x308/0x390\n[ 4093.900261] iavf_remove+0x825/0xd20 [iavf]\n[ 4093.900265] pci_device_remove+0xa8/0x1f0\n[ 4093.900268] device_release_driver_internal+0x1c6/0x460\n[ 4093.900271] pci_stop_bus_device+0x101/0x150\n[ 4093.900273] pci_stop_and_remove_bus_device+0xe/0x20\n[ 4093.900275] pci_iov_remove_virtfn+0x187/0x420\n[ 4093.900277] ? pci_iov_add_virtfn+0xe10/0xe10\n[ 4093.900278] ? pci_get_subsys+0x90/0x90\n[ 4093.900280] sriov_disable+0xed/0x3e0\n[ 4093.900282] ? bus_find_device+0x12d/0x1a0\n[ 4093.900290] i40e_free_vfs+0x754/0x1210 [i40e]\n[ 4093.900298] ? i40e_reset_all_vfs+0x880/0x880 [i40e]\n[ 4093.900299] ? pci_get_device+0x7c/0x90\n[ 4093.900300] ? pci_get_subsys+0x90/0x90\n[ 4093.900306] ? pci_vfs_assigned.part.7+0x144/0x210\n[ 4093.900309] ? __mutex_lock_slowpath+0x10/0x10\n[ 4093.900315] i40e_pci_sriov_configure+0x1fa/0x2e0 [i40e]\n[ 4093.900318] sriov_numvfs_store+0x214/0x290\n[ 4093.900320] ? sriov_totalvfs_show+0x30/0x30\n[ 4093.900321] ? __mutex_lock_slowpath+0x10/0x10\n[ 4093.900323] ? __check_object_size+0x15a/0x350\n[ 4093.900326] kernfs_fop_write+0x280/0x3f0\n[ 4093.900329] vfs_write+0x145/0x440\n[ 4093.900330] ksys_write+0xab/0x160\n[ 4093.900332] ? __ia32_sys_read+0xb0/0xb0\n[ 4093.900334] ? fput_many+0x1a/0x120\n[ 4093.900335] ? filp_close+0xf0/0x130\n[ 4093.900338] do_syscall_64+0xa0/0x370\n[ 4093.900339] ? page_fault+0x8/0x30\n[ 4093.900341] entry_SYSCALL_64_after_hwframe+0x65/0xca\n[ 4093.900357] RIP: 0033:0x7f16ad4d22c0\n[ 4093.900359] Code: 73 01 c3 48 8b 0d d8 cb 2c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 24 2d 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 fe dd 01 00 48 89 04 24\n[ 4093.900360] RSP: 002b:00007ffd6491b7f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 4093.900362] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f16ad4d22c0\n[ 4093.900363] RDX: 0000000000000002 RSI: 0000000001a41408 RDI: 0000000000000001\n[ 4093.900364] RBP: 0000000001a41408 R08: 00007f16ad7a1780 R09: 00007f16ae1f2700\n[ 4093.9003\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53556",
"url": "https://www.suse.com/security/cve/CVE-2023-53556"
},
{
"category": "external",
"summary": "SUSE Bug 1251059 for CVE-2023-53556",
"url": "https://bugzilla.suse.com/1251059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53556"
},
{
"cve": "CVE-2023-53557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53557"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfprobe: Release rethook after the ftrace_ops is unregistered\n\nWhile running bpf selftests it\u0027s possible to get following fault:\n\n general protection fault, probably for non-canonical address \\\n 0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC NOPTI\n ...\n Call Trace:\n \u003cTASK\u003e\n fprobe_handler+0xc1/0x270\n ? __pfx_bpf_testmod_init+0x10/0x10\n ? __pfx_bpf_testmod_init+0x10/0x10\n ? bpf_fentry_test1+0x5/0x10\n ? bpf_fentry_test1+0x5/0x10\n ? bpf_testmod_init+0x22/0x80\n ? do_one_initcall+0x63/0x2e0\n ? rcu_is_watching+0xd/0x40\n ? kmalloc_trace+0xaf/0xc0\n ? do_init_module+0x60/0x250\n ? __do_sys_finit_module+0xac/0x120\n ? do_syscall_64+0x37/0x90\n ? entry_SYSCALL_64_after_hwframe+0x72/0xdc\n \u003c/TASK\u003e\n\nIn unregister_fprobe function we can\u0027t release fp-\u003erethook while it\u0027s\npossible there are some of its users still running on another cpu.\n\nMoving rethook_free call after fp-\u003eops is unregistered with\nunregister_ftrace_function call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53557",
"url": "https://www.suse.com/security/cve/CVE-2023-53557"
},
{
"category": "external",
"summary": "SUSE Bug 1251054 for CVE-2023-53557",
"url": "https://bugzilla.suse.com/1251054"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53557"
},
{
"cve": "CVE-2023-53559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip_vti: fix potential slab-use-after-free in decode_session6\n\nWhen ip_vti device is set to the qdisc of the sfb type, the cb field\nof the sent skb may be modified during enqueuing. Then,\nslab-use-after-free may occur when ip_vti device sends IPv6 packets.\nAs commit f855691975bb (\"xfrm6: Fix the nexthdr offset in\n_decode_session6.\") showed, xfrm_decode_session was originally intended\nonly for the receive path. IP6CB(skb)-\u003enhoff is not set during\ntransmission. Therefore, set the cb field in the skb to 0 before\nsending packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53559",
"url": "https://www.suse.com/security/cve/CVE-2023-53559"
},
{
"category": "external",
"summary": "SUSE Bug 1251052 for CVE-2023-53559",
"url": "https://bugzilla.suse.com/1251052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53559"
},
{
"cve": "CVE-2023-53560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/histograms: Add histograms to hist_vars if they have referenced variables\n\nHist triggers can have referenced variables without having direct\nvariables fields. This can be the case if referenced variables are added\nfor trigger actions. In this case the newly added references will not\nhave field variables. Not taking such referenced variables into\nconsideration can result in a bug where it would be possible to remove\nhist trigger with variables being refenced. This will result in a bug\nthat is easily reproducable like so\n\n$ cd /sys/kernel/tracing\n$ echo \u0027synthetic_sys_enter char[] comm; long id\u0027 \u003e\u003e synthetic_events\n$ echo \u0027hist:keys=common_pid.execname,id.syscall:vals=hitcount:comm=common_pid.execname\u0027 \u003e\u003e events/raw_syscalls/sys_enter/trigger\n$ echo \u0027hist:keys=common_pid.execname,id.syscall:onmatch(raw_syscalls.sys_enter).synthetic_sys_enter($comm, id)\u0027 \u003e\u003e events/raw_syscalls/sys_enter/trigger\n$ echo \u0027!hist:keys=common_pid.execname,id.syscall:vals=hitcount:comm=common_pid.execname\u0027 \u003e\u003e events/raw_syscalls/sys_enter/trigger\n\n[ 100.263533] ==================================================================\n[ 100.264634] BUG: KASAN: slab-use-after-free in resolve_var_refs+0xc7/0x180\n[ 100.265520] Read of size 8 at addr ffff88810375d0f0 by task bash/439\n[ 100.266320]\n[ 100.266533] CPU: 2 PID: 439 Comm: bash Not tainted 6.5.0-rc1 #4\n[ 100.267277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-20220807_005459-localhost 04/01/2014\n[ 100.268561] Call Trace:\n[ 100.268902] \u003cTASK\u003e\n[ 100.269189] dump_stack_lvl+0x4c/0x70\n[ 100.269680] print_report+0xc5/0x600\n[ 100.270165] ? resolve_var_refs+0xc7/0x180\n[ 100.270697] ? kasan_complete_mode_report_info+0x80/0x1f0\n[ 100.271389] ? resolve_var_refs+0xc7/0x180\n[ 100.271913] kasan_report+0xbd/0x100\n[ 100.272380] ? resolve_var_refs+0xc7/0x180\n[ 100.272920] __asan_load8+0x71/0xa0\n[ 100.273377] resolve_var_refs+0xc7/0x180\n[ 100.273888] event_hist_trigger+0x749/0x860\n[ 100.274505] ? kasan_save_stack+0x2a/0x50\n[ 100.275024] ? kasan_set_track+0x29/0x40\n[ 100.275536] ? __pfx_event_hist_trigger+0x10/0x10\n[ 100.276138] ? ksys_write+0xd1/0x170\n[ 100.276607] ? do_syscall_64+0x3c/0x90\n[ 100.277099] ? entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 100.277771] ? destroy_hist_data+0x446/0x470\n[ 100.278324] ? event_hist_trigger_parse+0xa6c/0x3860\n[ 100.278962] ? __pfx_event_hist_trigger_parse+0x10/0x10\n[ 100.279627] ? __kasan_check_write+0x18/0x20\n[ 100.280177] ? mutex_unlock+0x85/0xd0\n[ 100.280660] ? __pfx_mutex_unlock+0x10/0x10\n[ 100.281200] ? kfree+0x7b/0x120\n[ 100.281619] ? ____kasan_slab_free+0x15d/0x1d0\n[ 100.282197] ? event_trigger_write+0xac/0x100\n[ 100.282764] ? __kasan_slab_free+0x16/0x20\n[ 100.283293] ? __kmem_cache_free+0x153/0x2f0\n[ 100.283844] ? sched_mm_cid_remote_clear+0xb1/0x250\n[ 100.284550] ? __pfx_sched_mm_cid_remote_clear+0x10/0x10\n[ 100.285221] ? event_trigger_write+0xbc/0x100\n[ 100.285781] ? __kasan_check_read+0x15/0x20\n[ 100.286321] ? __bitmap_weight+0x66/0xa0\n[ 100.286833] ? _find_next_bit+0x46/0xe0\n[ 100.287334] ? task_mm_cid_work+0x37f/0x450\n[ 100.287872] event_triggers_call+0x84/0x150\n[ 100.288408] trace_event_buffer_commit+0x339/0x430\n[ 100.289073] ? ring_buffer_event_data+0x3f/0x60\n[ 100.292189] trace_event_raw_event_sys_enter+0x8b/0xe0\n[ 100.295434] syscall_trace_enter.constprop.0+0x18f/0x1b0\n[ 100.298653] syscall_enter_from_user_mode+0x32/0x40\n[ 100.301808] do_syscall_64+0x1a/0x90\n[ 100.304748] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 100.307775] RIP: 0033:0x7f686c75c1cb\n[ 100.310617] Code: 73 01 c3 48 8b 0d 65 3c 10 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 21 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 35 3c 10 00 f7 d8 64 89 01 48\n[ 100.317847] RSP: 002b:00007ffc60137a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000021\n[ 100.321200] RA\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53560",
"url": "https://www.suse.com/security/cve/CVE-2023-53560"
},
{
"category": "external",
"summary": "SUSE Bug 1251045 for CVE-2023-53560",
"url": "https://bugzilla.suse.com/1251045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53560"
},
{
"cve": "CVE-2023-53562",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53562"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: fix vram leak on bind errors\n\nMake sure to release the VRAM buffer also in a case a subcomponent fails\nto bind.\n\nPatchwork: https://patchwork.freedesktop.org/patch/525094/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53562",
"url": "https://www.suse.com/security/cve/CVE-2023-53562"
},
{
"category": "external",
"summary": "SUSE Bug 1251046 for CVE-2023-53562",
"url": "https://bugzilla.suse.com/1251046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53562"
},
{
"cve": "CVE-2023-53564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53564"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix defrag path triggering jbd2 ASSERT\n\ncode path:\n\nocfs2_ioctl_move_extents\n ocfs2_move_extents\n ocfs2_defrag_extent\n __ocfs2_move_extent\n + ocfs2_journal_access_di\n + ocfs2_split_extent //sub-paths call jbd2_journal_restart\n + ocfs2_journal_dirty //crash by jbs2 ASSERT\n\ncrash stacks:\n\nPID: 11297 TASK: ffff974a676dcd00 CPU: 67 COMMAND: \"defragfs.ocfs2\"\n #0 [ffffb25d8dad3900] machine_kexec at ffffffff8386fe01\n #1 [ffffb25d8dad3958] __crash_kexec at ffffffff8395959d\n #2 [ffffb25d8dad3a20] crash_kexec at ffffffff8395a45d\n #3 [ffffb25d8dad3a38] oops_end at ffffffff83836d3f\n #4 [ffffb25d8dad3a58] do_trap at ffffffff83833205\n #5 [ffffb25d8dad3aa0] do_invalid_op at ffffffff83833aa6\n #6 [ffffb25d8dad3ac0] invalid_op at ffffffff84200d18\n [exception RIP: jbd2_journal_dirty_metadata+0x2ba]\n RIP: ffffffffc09ca54a RSP: ffffb25d8dad3b70 RFLAGS: 00010207\n RAX: 0000000000000000 RBX: ffff9706eedc5248 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: ffff97337029ea28 RDI: ffff9706eedc5250\n RBP: ffff9703c3520200 R8: 000000000f46b0b2 R9: 0000000000000000\n R10: 0000000000000001 R11: 00000001000000fe R12: ffff97337029ea28\n R13: 0000000000000000 R14: ffff9703de59bf60 R15: ffff9706eedc5250\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #7 [ffffb25d8dad3ba8] ocfs2_journal_dirty at ffffffffc137fb95 [ocfs2]\n #8 [ffffb25d8dad3be8] __ocfs2_move_extent at ffffffffc139a950 [ocfs2]\n #9 [ffffb25d8dad3c80] ocfs2_defrag_extent at ffffffffc139b2d2 [ocfs2]\n\nAnalysis\n\nThis bug has the same root cause of \u0027commit 7f27ec978b0e (\"ocfs2: call\nocfs2_journal_access_di() before ocfs2_journal_dirty() in\nocfs2_write_end_nolock()\")\u0027. For this bug, jbd2_journal_restart() is\ncalled by ocfs2_split_extent() during defragmenting.\n\nHow to fix\n\nFor ocfs2_split_extent() can handle journal operations totally by itself. \nCaller doesn\u0027t need to call journal access/dirty pair, and caller only\nneeds to call journal start/stop pair. The fix method is to remove\njournal access/dirty from __ocfs2_move_extent().\n\nThe discussion for this patch:\nhttps://oss.oracle.com/pipermail/ocfs2-devel/2023-February/000647.html",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53564",
"url": "https://www.suse.com/security/cve/CVE-2023-53564"
},
{
"category": "external",
"summary": "SUSE Bug 1251072 for CVE-2023-53564",
"url": "https://bugzilla.suse.com/1251072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53564"
},
{
"cve": "CVE-2023-53566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_rbtree: fix null deref on element insertion\n\nThere is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem():\n\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\n nft_add_set_elem+0x14b0/0x2990\n nf_tables_newsetelem+0x528/0xb30\n\nFurthermore, there is a possible use-after-free while iterating,\n\u0027node\u0027 can be free\u0027d so we need to cache the next value to use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53566",
"url": "https://www.suse.com/security/cve/CVE-2023-53566"
},
{
"category": "external",
"summary": "SUSE Bug 1251040 for CVE-2023-53566",
"url": "https://bugzilla.suse.com/1251040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53566"
},
{
"cve": "CVE-2023-53567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53567"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: qup: Don\u0027t skip cleanup in remove\u0027s error path\n\nReturning early in a platform driver\u0027s remove callback is wrong. In this\ncase the dma resources are not released in the error path. this is never\nretried later and so this is a permanent leak. To fix this, only skip\nhardware disabling if waking the device fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53567",
"url": "https://www.suse.com/security/cve/CVE-2023-53567"
},
{
"category": "external",
"summary": "SUSE Bug 1251034 for CVE-2023-53567",
"url": "https://bugzilla.suse.com/1251034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53567"
},
{
"cve": "CVE-2023-53568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/zcrypt: don\u0027t leak memory if dev_set_name() fails\n\nWhen dev_set_name() fails, zcdn_create() doesn\u0027t free the newly\nallocated resources. Do it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53568",
"url": "https://www.suse.com/security/cve/CVE-2023-53568"
},
{
"category": "external",
"summary": "SUSE Bug 1251035 for CVE-2023-53568",
"url": "https://bugzilla.suse.com/1251035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53568"
},
{
"cve": "CVE-2023-53571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: Make intel_get_crtc_new_encoder() less oopsy\n\nThe point of the WARN was to print something, not oops\nstraight up. Currently that is precisely what happens\nif we can\u0027t find the connector for the crtc in the atomic\nstate. Get the dev pointer from the atomic state instead\nof the potentially NULL encoder to avoid that.\n\n(cherry picked from commit 3b6692357f70498f617ea1b31a0378070a0acf1c)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53571",
"url": "https://www.suse.com/security/cve/CVE-2023-53571"
},
{
"category": "external",
"summary": "SUSE Bug 1251032 for CVE-2023-53571",
"url": "https://bugzilla.suse.com/1251032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53571"
},
{
"cve": "CVE-2023-53572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: scu: use _safe list iterator to avoid a use after free\n\nThis loop is freeing \"clk\" so it needs to use list_for_each_entry_safe().\nOtherwise it dereferences a freed variable to get the next item on the\nloop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53572",
"url": "https://www.suse.com/security/cve/CVE-2023-53572"
},
{
"category": "external",
"summary": "SUSE Bug 1251027 for CVE-2023-53572",
"url": "https://bugzilla.suse.com/1251027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53572"
},
{
"cve": "CVE-2023-53574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53574"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: delete timer and free skb queue when unloading\n\nFix possible crash and memory leak on driver unload by deleting\nTX purge timer and freeing C2H queue in \u0027rtw_core_deinit()\u0027,\nshrink critical section in the latter by freeing COEX queue\nout of TX report lock scope.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53574",
"url": "https://www.suse.com/security/cve/CVE-2023-53574"
},
{
"category": "external",
"summary": "SUSE Bug 1251222 for CVE-2023-53574",
"url": "https://bugzilla.suse.com/1251222"
},
{
"category": "external",
"summary": "SUSE Bug 1251984 for CVE-2023-53574",
"url": "https://bugzilla.suse.com/1251984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2023-53574"
},
{
"cve": "CVE-2023-53578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53578"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: Fix an uninit variable access bug in qrtr_tx_resume()\n\nSyzbot reported a bug as following:\n\n=====================================================\nBUG: KMSAN: uninit-value in qrtr_tx_resume+0x185/0x1f0 net/qrtr/af_qrtr.c:230\n qrtr_tx_resume+0x185/0x1f0 net/qrtr/af_qrtr.c:230\n qrtr_endpoint_post+0xf85/0x11b0 net/qrtr/af_qrtr.c:519\n qrtr_tun_write_iter+0x270/0x400 net/qrtr/tun.c:108\n call_write_iter include/linux/fs.h:2189 [inline]\n aio_write+0x63a/0x950 fs/aio.c:1600\n io_submit_one+0x1d1c/0x3bf0 fs/aio.c:2019\n __do_sys_io_submit fs/aio.c:2078 [inline]\n __se_sys_io_submit+0x293/0x770 fs/aio.c:2048\n __x64_sys_io_submit+0x92/0xd0 fs/aio.c:2048\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook mm/slab.h:766 [inline]\n slab_alloc_node mm/slub.c:3452 [inline]\n __kmem_cache_alloc_node+0x71f/0xce0 mm/slub.c:3491\n __do_kmalloc_node mm/slab_common.c:967 [inline]\n __kmalloc_node_track_caller+0x114/0x3b0 mm/slab_common.c:988\n kmalloc_reserve net/core/skbuff.c:492 [inline]\n __alloc_skb+0x3af/0x8f0 net/core/skbuff.c:565\n __netdev_alloc_skb+0x120/0x7d0 net/core/skbuff.c:630\n qrtr_endpoint_post+0xbd/0x11b0 net/qrtr/af_qrtr.c:446\n qrtr_tun_write_iter+0x270/0x400 net/qrtr/tun.c:108\n call_write_iter include/linux/fs.h:2189 [inline]\n aio_write+0x63a/0x950 fs/aio.c:1600\n io_submit_one+0x1d1c/0x3bf0 fs/aio.c:2019\n __do_sys_io_submit fs/aio.c:2078 [inline]\n __se_sys_io_submit+0x293/0x770 fs/aio.c:2048\n __x64_sys_io_submit+0x92/0xd0 fs/aio.c:2048\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nIt is because that skb-\u003elen requires at least sizeof(struct qrtr_ctrl_pkt)\nin qrtr_tx_resume(). And skb-\u003elen equals to size in qrtr_endpoint_post().\nBut size is less than sizeof(struct qrtr_ctrl_pkt) when qrtr_cb-\u003etype\nequals to QRTR_TYPE_RESUME_TX in qrtr_endpoint_post() under the syzbot\nscenario. This triggers the uninit variable access bug.\n\nAdd size check when qrtr_cb-\u003etype equals to QRTR_TYPE_RESUME_TX in\nqrtr_endpoint_post() to fix the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53578",
"url": "https://www.suse.com/security/cve/CVE-2023-53578"
},
{
"category": "external",
"summary": "SUSE Bug 1251174 for CVE-2023-53578",
"url": "https://bugzilla.suse.com/1251174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53578"
},
{
"cve": "CVE-2023-53579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mvebu: fix irq domain leak\n\nUwe Kleine-Knig pointed out we still have one resource leak in the mvebu\ndriver triggered on driver detach. Let\u0027s address it with a custom devm\naction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53579",
"url": "https://www.suse.com/security/cve/CVE-2023-53579"
},
{
"category": "external",
"summary": "SUSE Bug 1251170 for CVE-2023-53579",
"url": "https://bugzilla.suse.com/1251170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53579"
},
{
"cve": "CVE-2023-53580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: Gadget: core: Help prevent panic during UVC unconfigure\n\nAvichal Rakesh reported a kernel panic that occurred when the UVC\ngadget driver was removed from a gadget\u0027s configuration. The panic\ninvolves a somewhat complicated interaction between the kernel driver\nand a userspace component (as described in the Link tag below), but\nthe analysis did make one thing clear: The Gadget core should\naccomodate gadget drivers calling usb_gadget_deactivate() as part of\ntheir unbind procedure.\n\nCurrently this doesn\u0027t work. gadget_unbind_driver() calls\ndriver-\u003eunbind() while holding the udc-\u003econnect_lock mutex, and\nusb_gadget_deactivate() attempts to acquire that mutex, which will\nresult in a deadlock.\n\nThe simple fix is for gadget_unbind_driver() to release the mutex when\ninvoking the -\u003eunbind() callback. There is no particular reason for\nit to be holding the mutex at that time, and the mutex isn\u0027t held\nwhile the -\u003ebind() callback is invoked. So we\u0027ll drop the mutex\nbefore performing the unbind callback and reacquire it afterward.\n\nWe\u0027ll also add a couple of comments to usb_gadget_activate() and\nusb_gadget_deactivate(). Because they run in process context they\nmust not be called from a gadget driver\u0027s -\u003edisconnect() callback,\nwhich (according to the kerneldoc for struct usb_gadget_driver in\ninclude/linux/usb/gadget.h) may run in interrupt context. This may\nhelp prevent similar bugs from arising in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53580",
"url": "https://www.suse.com/security/cve/CVE-2023-53580"
},
{
"category": "external",
"summary": "SUSE Bug 1251105 for CVE-2023-53580",
"url": "https://bugzilla.suse.com/1251105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53580"
},
{
"cve": "CVE-2023-53581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Check for NOT_READY flag state after locking\n\nCurrently the check for NOT_READY flag is performed before obtaining the\nnecessary lock. This opens a possibility for race condition when the flow\nis concurrently removed from unready_flows list by the workqueue task,\nwhich causes a double-removal from the list and a crash[0]. Fix the issue\nby moving the flag check inside the section protected by\nuplink_priv-\u003eunready_flows_lock mutex.\n\n[0]:\n[44376.389654] general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] SMP\n[44376.391665] CPU: 7 PID: 59123 Comm: tc Not tainted 6.4.0-rc4+ #1\n[44376.392984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[44376.395342] RIP: 0010:mlx5e_tc_del_fdb_flow+0xb3/0x340 [mlx5_core]\n[44376.396857] Code: 00 48 8b b8 68 ce 02 00 e8 8a 4d 02 00 4c 8d a8 a8 01 00 00 4c 89 ef e8 8b 79 88 e1 48 8b 83 98 06 00 00 48 8b 93 90 06 00 00 \u003c48\u003e 89 42 08 48 89 10 48 b8 00 01 00 00 00 00 ad de 48 89 83 90 06\n[44376.399167] RSP: 0018:ffff88812cc97570 EFLAGS: 00010246\n[44376.399680] RAX: dead000000000122 RBX: ffff8881088e3800 RCX: ffff8881881bac00\n[44376.400337] RDX: dead000000000100 RSI: ffff88812cc97500 RDI: ffff8881242f71b0\n[44376.401001] RBP: ffff88811cbb0940 R08: 0000000000000400 R09: 0000000000000001\n[44376.401663] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88812c944000\n[44376.402342] R13: ffff8881242f71a8 R14: ffff8881222b4000 R15: 0000000000000000\n[44376.402999] FS: 00007f0451104800(0000) GS:ffff88852cb80000(0000) knlGS:0000000000000000\n[44376.403787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[44376.404343] CR2: 0000000000489108 CR3: 0000000123a79003 CR4: 0000000000370ea0\n[44376.405004] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[44376.405665] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[44376.406339] Call Trace:\n[44376.406651] \u003cTASK\u003e\n[44376.406939] ? die_addr+0x33/0x90\n[44376.407311] ? exc_general_protection+0x192/0x390\n[44376.407795] ? asm_exc_general_protection+0x22/0x30\n[44376.408292] ? mlx5e_tc_del_fdb_flow+0xb3/0x340 [mlx5_core]\n[44376.408876] __mlx5e_tc_del_fdb_peer_flow+0xbc/0xe0 [mlx5_core]\n[44376.409482] mlx5e_tc_del_flow+0x42/0x210 [mlx5_core]\n[44376.410055] mlx5e_flow_put+0x25/0x50 [mlx5_core]\n[44376.410529] mlx5e_delete_flower+0x24b/0x350 [mlx5_core]\n[44376.411043] tc_setup_cb_reoffload+0x22/0x80\n[44376.411462] fl_reoffload+0x261/0x2f0 [cls_flower]\n[44376.411907] ? mlx5e_rep_indr_setup_ft_cb+0x160/0x160 [mlx5_core]\n[44376.412481] ? mlx5e_rep_indr_setup_ft_cb+0x160/0x160 [mlx5_core]\n[44376.413044] tcf_block_playback_offloads+0x76/0x170\n[44376.413497] tcf_block_unbind+0x7b/0xd0\n[44376.413881] tcf_block_setup+0x17d/0x1c0\n[44376.414269] tcf_block_offload_cmd.isra.0+0xf1/0x130\n[44376.414725] tcf_block_offload_unbind+0x43/0x70\n[44376.415153] __tcf_block_put+0x82/0x150\n[44376.415532] ingress_destroy+0x22/0x30 [sch_ingress]\n[44376.415986] qdisc_destroy+0x3b/0xd0\n[44376.416343] qdisc_graft+0x4d0/0x620\n[44376.416706] tc_get_qdisc+0x1c9/0x3b0\n[44376.417074] rtnetlink_rcv_msg+0x29c/0x390\n[44376.419978] ? rep_movs_alternative+0x3a/0xa0\n[44376.420399] ? rtnl_calcit.isra.0+0x120/0x120\n[44376.420813] netlink_rcv_skb+0x54/0x100\n[44376.421192] netlink_unicast+0x1f6/0x2c0\n[44376.421573] netlink_sendmsg+0x232/0x4a0\n[44376.421980] sock_sendmsg+0x38/0x60\n[44376.422328] ____sys_sendmsg+0x1d0/0x1e0\n[44376.422709] ? copy_msghdr_from_user+0x6d/0xa0\n[44376.423127] ___sys_sendmsg+0x80/0xc0\n[44376.423495] ? ___sys_recvmsg+0x8b/0xc0\n[44376.423869] __sys_sendmsg+0x51/0x90\n[44376.424226] do_syscall_64+0x3d/0x90\n[44376.424587] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[44376.425046] RIP: 0033:0x7f045134f887\n[44376.425403] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53581",
"url": "https://www.suse.com/security/cve/CVE-2023-53581"
},
{
"category": "external",
"summary": "SUSE Bug 1251106 for CVE-2023-53581",
"url": "https://bugzilla.suse.com/1251106"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53581"
},
{
"cve": "CVE-2023-53582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds\n\nFix a stack-out-of-bounds read in brcmfmac that occurs\nwhen \u0027buf\u0027 that is not null-terminated is passed as an argument of\nstrreplace() in brcmf_c_preinit_dcmds(). This buffer is filled with\na CLM version string by memcpy() in brcmf_fil_iovar_data_get().\nEnsure buf is null-terminated.\n\nFound by a modified version of syzkaller.\n\n[ 33.004414][ T1896] brcmfmac: brcmf_c_process_clm_blob: no clm_blob available (err=-2), device may have limited channels available\n[ 33.013486][ T1896] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM43236/3 wl0: Nov 30 2011 17:33:42 version 5.90.188.22\n[ 33.021554][ T1896] ==================================================================\n[ 33.022379][ T1896] BUG: KASAN: stack-out-of-bounds in strreplace+0xf2/0x110\n[ 33.023122][ T1896] Read of size 1 at addr ffffc90001d6efc8 by task kworker/0:2/1896\n[ 33.023852][ T1896]\n[ 33.024096][ T1896] CPU: 0 PID: 1896 Comm: kworker/0:2 Tainted: G O 5.14.0+ #132\n[ 33.024927][ T1896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\n[ 33.026065][ T1896] Workqueue: usb_hub_wq hub_event\n[ 33.026581][ T1896] Call Trace:\n[ 33.026896][ T1896] dump_stack_lvl+0x57/0x7d\n[ 33.027372][ T1896] print_address_description.constprop.0.cold+0xf/0x334\n[ 33.028037][ T1896] ? strreplace+0xf2/0x110\n[ 33.028403][ T1896] ? strreplace+0xf2/0x110\n[ 33.028807][ T1896] kasan_report.cold+0x83/0xdf\n[ 33.029283][ T1896] ? strreplace+0xf2/0x110\n[ 33.029666][ T1896] strreplace+0xf2/0x110\n[ 33.029966][ T1896] brcmf_c_preinit_dcmds+0xab1/0xc40\n[ 33.030351][ T1896] ? brcmf_c_set_joinpref_default+0x100/0x100\n[ 33.030787][ T1896] ? rcu_read_lock_sched_held+0xa1/0xd0\n[ 33.031223][ T1896] ? rcu_read_lock_bh_held+0xb0/0xb0\n[ 33.031661][ T1896] ? lock_acquire+0x19d/0x4e0\n[ 33.032091][ T1896] ? find_held_lock+0x2d/0x110\n[ 33.032605][ T1896] ? brcmf_usb_deq+0x1a7/0x260\n[ 33.033087][ T1896] ? brcmf_usb_rx_fill_all+0x5a/0xf0\n[ 33.033582][ T1896] brcmf_attach+0x246/0xd40\n[ 33.034022][ T1896] ? wiphy_new_nm+0x1476/0x1d50\n[ 33.034383][ T1896] ? kmemdup+0x30/0x40\n[ 33.034722][ T1896] brcmf_usb_probe+0x12de/0x1690\n[ 33.035223][ T1896] ? brcmf_usbdev_qinit.constprop.0+0x470/0x470\n[ 33.035833][ T1896] usb_probe_interface+0x25f/0x710\n[ 33.036315][ T1896] really_probe+0x1be/0xa90\n[ 33.036656][ T1896] __driver_probe_device+0x2ab/0x460\n[ 33.037026][ T1896] ? usb_match_id.part.0+0x88/0xc0\n[ 33.037383][ T1896] driver_probe_device+0x49/0x120\n[ 33.037790][ T1896] __device_attach_driver+0x18a/0x250\n[ 33.038300][ T1896] ? driver_allows_async_probing+0x120/0x120\n[ 33.038986][ T1896] bus_for_each_drv+0x123/0x1a0\n[ 33.039906][ T1896] ? bus_rescan_devices+0x20/0x20\n[ 33.041412][ T1896] ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n[ 33.041861][ T1896] ? trace_hardirqs_on+0x1c/0x120\n[ 33.042330][ T1896] __device_attach+0x207/0x330\n[ 33.042664][ T1896] ? device_bind_driver+0xb0/0xb0\n[ 33.043026][ T1896] ? kobject_uevent_env+0x230/0x12c0\n[ 33.043515][ T1896] bus_probe_device+0x1a2/0x260\n[ 33.043914][ T1896] device_add+0xa61/0x1ce0\n[ 33.044227][ T1896] ? __mutex_unlock_slowpath+0xe7/0x660\n[ 33.044891][ T1896] ? __fw_devlink_link_to_suppliers+0x550/0x550\n[ 33.045531][ T1896] usb_set_configuration+0x984/0x1770\n[ 33.046051][ T1896] ? kernfs_create_link+0x175/0x230\n[ 33.046548][ T1896] usb_generic_driver_probe+0x69/0x90\n[ 33.046931][ T1896] usb_probe_device+0x9c/0x220\n[ 33.047434][ T1896] really_probe+0x1be/0xa90\n[ 33.047760][ T1896] __driver_probe_device+0x2ab/0x460\n[ 33.048134][ T1896] driver_probe_device+0x49/0x120\n[ 33.048516][ T1896] __device_attach_driver+0x18a/0x250\n[ 33.048910][ T1896] ? driver_allows_async_probing+0x120/0x120\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53582",
"url": "https://www.suse.com/security/cve/CVE-2023-53582"
},
{
"category": "external",
"summary": "SUSE Bug 1251061 for CVE-2023-53582",
"url": "https://bugzilla.suse.com/1251061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53582"
},
{
"cve": "CVE-2023-53587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Sync IRQ works before buffer destruction\n\nIf something was written to the buffer just before destruction,\nit may be possible (maybe not in a real system, but it did\nhappen in ARCH=um with time-travel) to destroy the ringbuffer\nbefore the IRQ work ran, leading this KASAN report (or a crash\nwithout KASAN):\n\n BUG: KASAN: slab-use-after-free in irq_work_run_list+0x11a/0x13a\n Read of size 8 at addr 000000006d640a48 by task swapper/0\n\n CPU: 0 PID: 0 Comm: swapper Tainted: G W O 6.3.0-rc1 #7\n Stack:\n 60c4f20f 0c203d48 41b58ab3 60f224fc\n 600477fa 60f35687 60c4f20f 601273dd\n 00000008 6101eb00 6101eab0 615be548\n Call Trace:\n [\u003c60047a58\u003e] show_stack+0x25e/0x282\n [\u003c60c609e0\u003e] dump_stack_lvl+0x96/0xfd\n [\u003c60c50d4c\u003e] print_report+0x1a7/0x5a8\n [\u003c603078d3\u003e] kasan_report+0xc1/0xe9\n [\u003c60308950\u003e] __asan_report_load8_noabort+0x1b/0x1d\n [\u003c60232844\u003e] irq_work_run_list+0x11a/0x13a\n [\u003c602328b4\u003e] irq_work_tick+0x24/0x34\n [\u003c6017f9dc\u003e] update_process_times+0x162/0x196\n [\u003c6019f335\u003e] tick_sched_handle+0x1a4/0x1c3\n [\u003c6019fd9e\u003e] tick_sched_timer+0x79/0x10c\n [\u003c601812b9\u003e] __hrtimer_run_queues.constprop.0+0x425/0x695\n [\u003c60182913\u003e] hrtimer_interrupt+0x16c/0x2c4\n [\u003c600486a3\u003e] um_timer+0x164/0x183\n [...]\n\n Allocated by task 411:\n save_stack_trace+0x99/0xb5\n stack_trace_save+0x81/0x9b\n kasan_save_stack+0x2d/0x54\n kasan_set_track+0x34/0x3e\n kasan_save_alloc_info+0x25/0x28\n ____kasan_kmalloc+0x8b/0x97\n __kasan_kmalloc+0x10/0x12\n __kmalloc+0xb2/0xe8\n load_elf_phdrs+0xee/0x182\n [...]\n\n The buggy address belongs to the object at 000000006d640800\n which belongs to the cache kmalloc-1k of size 1024\n The buggy address is located 584 bytes inside of\n freed 1024-byte region [000000006d640800, 000000006d640c00)\n\nAdd the appropriate irq_work_sync() so the work finishes before\nthe buffers are destroyed.\n\nPrior to the commit in the Fixes tag below, there was only a\nsingle global IRQ work, so this issue didn\u0027t exist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53587",
"url": "https://www.suse.com/security/cve/CVE-2023-53587"
},
{
"category": "external",
"summary": "SUSE Bug 1251128 for CVE-2023-53587",
"url": "https://bugzilla.suse.com/1251128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53587"
},
{
"cve": "CVE-2023-53589",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53589"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t trust firmware n_channels\n\nIf the firmware sends us a corrupted MCC response with\nn_channels much larger than the command response can be,\nwe might copy far too much (uninitialized) memory and\neven crash if the n_channels is large enough to make it\nrun out of the one page allocated for the FW response.\n\nFix that by checking the lengths. Doing a \u003c comparison\nwould be sufficient, but the firmware should be doing\nit correctly, so check more strictly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53589",
"url": "https://www.suse.com/security/cve/CVE-2023-53589"
},
{
"category": "external",
"summary": "SUSE Bug 1251129 for CVE-2023-53589",
"url": "https://bugzilla.suse.com/1251129"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53589"
},
{
"cve": "CVE-2023-53591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix deadlock in tc route query code\n\nCited commit causes ABBA deadlock[0] when peer flows are created while\nholding the devcom rw semaphore. Due to peer flows offload implementation\nthe lock is taken much higher up the call chain and there is no obvious way\nto easily fix the deadlock. Instead, since tc route query code needs the\npeer eswitch structure only to perform a lookup in xarray and doesn\u0027t\nperform any sleeping operations with it, refactor the code for lockless\nexecution in following ways:\n\n- RCUify the devcom \u0027data\u0027 pointer. When resetting the pointer\nsynchronously wait for RCU grace period before returning. This is fine\nsince devcom is currently only used for synchronization of\npairing/unpairing of eswitches which is rare and already expensive as-is.\n\n- Wrap all usages of \u0027paired\u0027 boolean in {READ|WRITE}_ONCE(). The flag has\nalready been used in some unlocked contexts without proper\nannotations (e.g. users of mlx5_devcom_is_paired() function), but it wasn\u0027t\nan issue since all relevant code paths checked it again after obtaining the\ndevcom semaphore. Now it is also used by mlx5_devcom_get_peer_data_rcu() as\n\"best effort\" check to return NULL when devcom is being unpaired. Note that\nwhile RCU read lock doesn\u0027t prevent the unpaired flag from being changed\nconcurrently it still guarantees that reader can continue to use \u0027data\u0027.\n\n- Refactor mlx5e_tc_query_route_vport() function to use new\nmlx5_devcom_get_peer_data_rcu() API which fixes the deadlock.\n\n[0]:\n\n[ 164.599612] ======================================================\n[ 164.600142] WARNING: possible circular locking dependency detected\n[ 164.600667] 6.3.0-rc3+ #1 Not tainted\n[ 164.601021] ------------------------------------------------------\n[ 164.601557] handler1/3456 is trying to acquire lock:\n[ 164.601998] ffff88811f1714b0 (\u0026esw-\u003eoffloads.encap_tbl_lock){+.+.}-{3:3}, at: mlx5e_attach_encap+0xd8/0x8b0 [mlx5_core]\n[ 164.603078]\n but task is already holding lock:\n[ 164.603617] ffff88810137fc98 (\u0026comp-\u003esem){++++}-{3:3}, at: mlx5_devcom_get_peer_data+0x37/0x80 [mlx5_core]\n[ 164.604459]\n which lock already depends on the new lock.\n\n[ 164.605190]\n the existing dependency chain (in reverse order) is:\n[ 164.605848]\n -\u003e #1 (\u0026comp-\u003esem){++++}-{3:3}:\n[ 164.606380] down_read+0x39/0x50\n[ 164.606772] mlx5_devcom_get_peer_data+0x37/0x80 [mlx5_core]\n[ 164.607336] mlx5e_tc_query_route_vport+0x86/0xc0 [mlx5_core]\n[ 164.607914] mlx5e_tc_tun_route_lookup+0x1a4/0x1d0 [mlx5_core]\n[ 164.608495] mlx5e_attach_decap_route+0xc6/0x1e0 [mlx5_core]\n[ 164.609063] mlx5e_tc_add_fdb_flow+0x1ea/0x360 [mlx5_core]\n[ 164.609627] __mlx5e_add_fdb_flow+0x2d2/0x430 [mlx5_core]\n[ 164.610175] mlx5e_configure_flower+0x952/0x1a20 [mlx5_core]\n[ 164.610741] tc_setup_cb_add+0xd4/0x200\n[ 164.611146] fl_hw_replace_filter+0x14c/0x1f0 [cls_flower]\n[ 164.611661] fl_change+0xc95/0x18a0 [cls_flower]\n[ 164.612116] tc_new_tfilter+0x3fc/0xd20\n[ 164.612516] rtnetlink_rcv_msg+0x418/0x5b0\n[ 164.612936] netlink_rcv_skb+0x54/0x100\n[ 164.613339] netlink_unicast+0x190/0x250\n[ 164.613746] netlink_sendmsg+0x245/0x4a0\n[ 164.614150] sock_sendmsg+0x38/0x60\n[ 164.614522] ____sys_sendmsg+0x1d0/0x1e0\n[ 164.614934] ___sys_sendmsg+0x80/0xc0\n[ 164.615320] __sys_sendmsg+0x51/0x90\n[ 164.615701] do_syscall_64+0x3d/0x90\n[ 164.616083] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[ 164.616568]\n -\u003e #0 (\u0026esw-\u003eoffloads.encap_tbl_lock){+.+.}-{3:3}:\n[ 164.617210] __lock_acquire+0x159e/0x26e0\n[ 164.617638] lock_acquire+0xc2/0x2a0\n[ 164.618018] __mutex_lock+0x92/0xcd0\n[ 164.618401] mlx5e_attach_encap+0xd8/0x8b0 [mlx5_core]\n[ 164.618943] post_process_attr+0x153/0x2d0 [\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53591",
"url": "https://www.suse.com/security/cve/CVE-2023-53591"
},
{
"category": "external",
"summary": "SUSE Bug 1251167 for CVE-2023-53591",
"url": "https://bugzilla.suse.com/1251167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53591"
},
{
"cve": "CVE-2023-53592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: sifive: Fix refcount leak in sifive_gpio_probe\n\nof_irq_find_parent() returns a node pointer with refcount incremented,\nWe should use of_node_put() on it when not needed anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53592",
"url": "https://www.suse.com/security/cve/CVE-2023-53592"
},
{
"category": "external",
"summary": "SUSE Bug 1251147 for CVE-2023-53592",
"url": "https://bugzilla.suse.com/1251147"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53592"
},
{
"cve": "CVE-2023-53594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53594"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: fix resource leak in device_add()\n\nWhen calling kobject_add() failed in device_add(), it will call\ncleanup_glue_dir() to free resource. But in kobject_add(),\ndev-\u003ekobj.parent has been set to NULL. This will cause resource leak.\n\nThe process is as follows:\ndevice_add()\n\tget_device_parent()\n\t\tclass_dir_create_and_add()\n\t\t\tkobject_add()\t\t//kobject_get()\n\t...\n\tdev-\u003ekobj.parent = kobj;\n\t...\n\tkobject_add()\t\t//failed, but set dev-\u003ekobj.parent = NULL\n\t...\n\tglue_dir = get_glue_dir(dev)\t//glue_dir = NULL, and goto\n\t\t\t\t\t//\"Error\" label\n\t...\n\tcleanup_glue_dir()\t//becaues glue_dir is NULL, not call\n\t\t\t\t//kobject_put()\n\nThe preceding problem may cause insmod mac80211_hwsim.ko to failed.\nsysfs: cannot create duplicate filename \u0027/devices/virtual/mac80211_hwsim\u0027\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x8e/0xd1\nsysfs_warn_dup.cold+0x1c/0x29\nsysfs_create_dir_ns+0x224/0x280\nkobject_add_internal+0x2aa/0x880\nkobject_add+0x135/0x1a0\nget_device_parent+0x3d7/0x590\ndevice_add+0x2aa/0x1cb0\ndevice_create_groups_vargs+0x1eb/0x260\ndevice_create+0xdc/0x110\nmac80211_hwsim_new_radio+0x31e/0x4790 [mac80211_hwsim]\ninit_mac80211_hwsim+0x48d/0x1000 [mac80211_hwsim]\ndo_one_initcall+0x10f/0x630\ndo_init_module+0x19f/0x5e0\nload_module+0x64b7/0x6eb0\n__do_sys_finit_module+0x140/0x200\ndo_syscall_64+0x35/0x80\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\n\u003c/TASK\u003e\nkobject_add_internal failed for mac80211_hwsim with -EEXIST, don\u0027t try to\nregister things with the same name in the same directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53594",
"url": "https://www.suse.com/security/cve/CVE-2023-53594"
},
{
"category": "external",
"summary": "SUSE Bug 1251166 for CVE-2023-53594",
"url": "https://bugzilla.suse.com/1251166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53594"
},
{
"cve": "CVE-2023-53597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix mid leak during reconnection after timeout threshold\n\nWhen the number of responses with status of STATUS_IO_TIMEOUT\nexceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect\nthe connection. But we do not return the mid, or the credits\nreturned for the mid, or reduce the number of in-flight requests.\n\nThis bug could result in the server-\u003ein_flight count to go bad,\nand also cause a leak in the mids.\n\nThis change moves the check to a few lines below where the\nresponse is decrypted, even of the response is read from the\ntransform header. This way, the code for returning the mids\ncan be reused.\n\nAlso, the cifs_reconnect was reconnecting just the transport\nconnection before. In case of multi-channel, this may not be\nwhat we want to do after several timeouts. Changed that to\nreconnect the session and the tree too.\n\nAlso renamed NUM_STATUS_IO_TIMEOUT to a more appropriate name\nMAX_STATUS_IO_TIMEOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53597",
"url": "https://www.suse.com/security/cve/CVE-2023-53597"
},
{
"category": "external",
"summary": "SUSE Bug 1251159 for CVE-2023-53597",
"url": "https://bugzilla.suse.com/1251159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53597"
},
{
"cve": "CVE-2023-53598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: Range check CHDBOFF and ERDBOFF\n\nIf the value read from the CHDBOFF and ERDBOFF registers is outside the\nrange of the MHI register space then an invalid address might be computed\nwhich later causes a kernel panic. Range check the read value to prevent\na crash due to bad data from the device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53598",
"url": "https://www.suse.com/security/cve/CVE-2023-53598"
},
{
"category": "external",
"summary": "SUSE Bug 1251162 for CVE-2023-53598",
"url": "https://bugzilla.suse.com/1251162"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53598"
},
{
"cve": "CVE-2023-53601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: do not assume skb mac_header is set\n\nDrivers must not assume in their ndo_start_xmit() that\nskbs have their mac_header set. skb-\u003edata is all what is needed.\n\nbonding seems to be one of the last offender as caught by syzbot:\n\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 skb_mac_offset include/linux/skbuff.h:2913 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_xmit_hash drivers/net/bonding/bond_main.c:4170 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_xmit_3ad_xor_slave_get drivers/net/bonding/bond_main.c:5149 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_3ad_xor_xmit drivers/net/bonding/bond_main.c:5186 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 __bond_start_xmit drivers/net/bonding/bond_main.c:5442 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_start_xmit+0x14ab/0x19d0 drivers/net/bonding/bond_main.c:5470\nModules linked in:\nCPU: 1 PID: 12155 Comm: syz-executor.3 Not tainted 6.1.30-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023\nRIP: 0010:skb_mac_header include/linux/skbuff.h:2907 [inline]\nRIP: 0010:skb_mac_offset include/linux/skbuff.h:2913 [inline]\nRIP: 0010:bond_xmit_hash drivers/net/bonding/bond_main.c:4170 [inline]\nRIP: 0010:bond_xmit_3ad_xor_slave_get drivers/net/bonding/bond_main.c:5149 [inline]\nRIP: 0010:bond_3ad_xor_xmit drivers/net/bonding/bond_main.c:5186 [inline]\nRIP: 0010:__bond_start_xmit drivers/net/bonding/bond_main.c:5442 [inline]\nRIP: 0010:bond_start_xmit+0x14ab/0x19d0 drivers/net/bonding/bond_main.c:5470\nCode: 8b 7c 24 30 e8 76 dd 1a 01 48 85 c0 74 0d 48 89 c3 e8 29 67 2e fe e9 15 ef ff ff e8 1f 67 2e fe e9 10 ef ff ff e8 15 67 2e fe \u003c0f\u003e 0b e9 45 f8 ff ff e8 09 67 2e fe e9 dc fa ff ff e8 ff 66 2e fe\nRSP: 0018:ffffc90002fff6e0 EFLAGS: 00010283\nRAX: ffffffff835874db RBX: 000000000000ffff RCX: 0000000000040000\nRDX: ffffc90004dcf000 RSI: 00000000000000b5 RDI: 00000000000000b6\nRBP: ffffc90002fff8b8 R08: ffffffff83586d16 R09: ffffffff83586584\nR10: 0000000000000007 R11: ffff8881599fc780 R12: ffff88811b6a7b7e\nR13: 1ffff110236d4f6f R14: ffff88811b6a7ac0 R15: 1ffff110236d4f76\nFS: 00007f2e9eb47700(0000) GS:ffff8881f6b00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b2e421000 CR3: 000000010e6d4000 CR4: 00000000003526e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n[\u003cffffffff8471a49f\u003e] netdev_start_xmit include/linux/netdevice.h:4925 [inline]\n[\u003cffffffff8471a49f\u003e] __dev_direct_xmit+0x4ef/0x850 net/core/dev.c:4380\n[\u003cffffffff851d845b\u003e] dev_direct_xmit include/linux/netdevice.h:3043 [inline]\n[\u003cffffffff851d845b\u003e] packet_direct_xmit+0x18b/0x300 net/packet/af_packet.c:284\n[\u003cffffffff851c7472\u003e] packet_snd net/packet/af_packet.c:3112 [inline]\n[\u003cffffffff851c7472\u003e] packet_sendmsg+0x4a22/0x64d0 net/packet/af_packet.c:3143\n[\u003cffffffff8467a4b2\u003e] sock_sendmsg_nosec net/socket.c:716 [inline]\n[\u003cffffffff8467a4b2\u003e] sock_sendmsg net/socket.c:736 [inline]\n[\u003cffffffff8467a4b2\u003e] __sys_sendto+0x472/0x5f0 net/socket.c:2139\n[\u003cffffffff8467a715\u003e] __do_sys_sendto net/socket.c:2151 [inline]\n[\u003cffffffff8467a715\u003e] __se_sys_sendto net/socket.c:2147 [inline]\n[\u003cffffffff8467a715\u003e] __x64_sys_sendto+0xe5/0x100 net/socket.c:2147\n[\u003cffffffff8553071f\u003e] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n[\u003cffffffff8553071f\u003e] do_syscall_64+0x2f/0x50 arch/x86/entry/common.c:80\n[\u003cffffffff85600087\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53601",
"url": "https://www.suse.com/security/cve/CVE-2023-53601"
},
{
"category": "external",
"summary": "SUSE Bug 1251153 for CVE-2023-53601",
"url": "https://bugzilla.suse.com/1251153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53601"
},
{
"cve": "CVE-2023-53603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53603"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Avoid fcport pointer dereference\n\nKlocwork reported warning of NULL pointer may be dereferenced. The routine\nexits when sa_ctl is NULL and fcport is allocated after the exit call thus\ncausing NULL fcport pointer to dereference at the time of exit.\n\nTo avoid fcport pointer dereference, exit the routine when sa_ctl is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53603",
"url": "https://www.suse.com/security/cve/CVE-2023-53603"
},
{
"category": "external",
"summary": "SUSE Bug 1251180 for CVE-2023-53603",
"url": "https://bugzilla.suse.com/1251180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53603"
},
{
"cve": "CVE-2023-53604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm integrity: call kmem_cache_destroy() in dm_integrity_init() error path\n\nOtherwise the journal_io_cache will leak if dm_register_target() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53604",
"url": "https://www.suse.com/security/cve/CVE-2023-53604"
},
{
"category": "external",
"summary": "SUSE Bug 1251210 for CVE-2023-53604",
"url": "https://bugzilla.suse.com/1251210"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53604"
},
{
"cve": "CVE-2023-53605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: amd: display: Fix memory leakage\n\nThis commit fixes memory leakage in dc_construct_ctx() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53605",
"url": "https://www.suse.com/security/cve/CVE-2023-53605"
},
{
"category": "external",
"summary": "SUSE Bug 1251149 for CVE-2023-53605",
"url": "https://bugzilla.suse.com/1251149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53605"
},
{
"cve": "CVE-2023-53607",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53607"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ymfpci: Fix BUG_ON in probe function\n\nThe snd_dma_buffer.bytes field now contains the aligned size, which this\nsnd_BUG_ON() did not account for, resulting in the following:\n\n[ 9.625915] ------------[ cut here ]------------\n[ 9.633440] WARNING: CPU: 0 PID: 126 at sound/pci/ymfpci/ymfpci_main.c:2168 snd_ymfpci_create+0x681/0x698 [snd_ymfpci]\n[ 9.648926] Modules linked in: snd_ymfpci(+) snd_intel_dspcfg kvm(+) snd_intel_sdw_acpi snd_ac97_codec snd_mpu401_uart snd_opl3_lib irqbypass snd_hda_codec gameport snd_rawmidi crct10dif_pclmul crc32_pclmul cfg80211 snd_hda_core polyval_clmulni polyval_generic gf128mul snd_seq_device ghash_clmulni_intel snd_hwdep ac97_bus sha512_ssse3 rfkill snd_pcm aesni_intel tg3 snd_timer crypto_simd snd mxm_wmi libphy cryptd k10temp fam15h_power pcspkr soundcore sp5100_tco wmi acpi_cpufreq mac_hid dm_multipath sg loop fuse dm_mod bpf_preload ip_tables x_tables ext4 crc32c_generic crc16 mbcache jbd2 sr_mod cdrom ata_generic pata_acpi firewire_ohci crc32c_intel firewire_core xhci_pci crc_itu_t pata_via xhci_pci_renesas floppy\n[ 9.711849] CPU: 0 PID: 126 Comm: kworker/0:2 Not tainted 6.1.21-1-lts #1 08d2e5ece03136efa7c6aeea9a9c40916b1bd8da\n[ 9.722200] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./990FX Extreme4, BIOS P2.70 06/05/2014\n[ 9.732204] Workqueue: events work_for_cpu_fn\n[ 9.736580] RIP: 0010:snd_ymfpci_create+0x681/0x698 [snd_ymfpci]\n[ 9.742594] Code: 8c c0 4c 89 e2 48 89 df 48 c7 c6 92 c6 8c c0 e8 15 d0 e9 ff 48 83 c4 08 44 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d3 7a 33 e3 \u003c0f\u003e 0b e9 cb fd ff ff 41 bd fb ff ff ff eb db 41 bd f4 ff ff ff eb\n[ 9.761358] RSP: 0018:ffffab64804e7da0 EFLAGS: 00010287\n[ 9.766594] RAX: ffff8fa2df06c400 RBX: ffff8fa3073a8000 RCX: ffff8fa303fbc4a8\n[ 9.773734] RDX: ffff8fa2df06d000 RSI: 0000000000000010 RDI: 0000000000000020\n[ 9.780876] RBP: ffff8fa300b5d0d0 R08: ffff8fa3073a8e50 R09: 00000000df06bf00\n[ 9.788018] R10: ffff8fa2df06bf00 R11: 00000000df068200 R12: ffff8fa3073a8918\n[ 9.795159] R13: 0000000000000000 R14: 0000000000000080 R15: ffff8fa2df068200\n[ 9.802317] FS: 0000000000000000(0000) GS:ffff8fa9fec00000(0000) knlGS:0000000000000000\n[ 9.810414] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 9.816158] CR2: 000055febaf66500 CR3: 0000000101a2e000 CR4: 00000000000406f0\n[ 9.823301] Call Trace:\n[ 9.825747] \u003cTASK\u003e\n[ 9.827889] snd_card_ymfpci_probe+0x194/0x950 [snd_ymfpci b78a5fe64b5663a6390a909c67808567e3e73615]\n[ 9.837030] ? finish_task_switch.isra.0+0x90/0x2d0\n[ 9.841918] local_pci_probe+0x45/0x80\n[ 9.845680] work_for_cpu_fn+0x1a/0x30\n[ 9.849431] process_one_work+0x1c7/0x380\n[ 9.853464] worker_thread+0x1af/0x390\n[ 9.857225] ? rescuer_thread+0x3b0/0x3b0\n[ 9.861254] kthread+0xde/0x110\n[ 9.864414] ? kthread_complete_and_exit+0x20/0x20\n[ 9.869210] ret_from_fork+0x22/0x30\n[ 9.872792] \u003c/TASK\u003e\n[ 9.874985] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53607",
"url": "https://www.suse.com/security/cve/CVE-2023-53607"
},
{
"category": "external",
"summary": "SUSE Bug 1251136 for CVE-2023-53607",
"url": "https://bugzilla.suse.com/1251136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53607"
},
{
"cve": "CVE-2023-53608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()\n\nThe finalization of nilfs_segctor_thread() can race with\nnilfs_segctor_kill_thread() which terminates that thread, potentially\ncausing a use-after-free BUG as KASAN detected.\n\nAt the end of nilfs_segctor_thread(), it assigns NULL to \"sc_task\" member\nof \"struct nilfs_sc_info\" to indicate the thread has finished, and then\nnotifies nilfs_segctor_kill_thread() of this using waitqueue\n\"sc_wait_task\" on the struct nilfs_sc_info.\n\nHowever, here, immediately after the NULL assignment to \"sc_task\", it is\npossible that nilfs_segctor_kill_thread() will detect it and return to\ncontinue the deallocation, freeing the nilfs_sc_info structure before the\nthread does the notification.\n\nThis fixes the issue by protecting the NULL assignment to \"sc_task\" and\nits notification, with spinlock \"sc_state_lock\" of the struct\nnilfs_sc_info. Since nilfs_segctor_kill_thread() does a final check to\nsee if \"sc_task\" is NULL with \"sc_state_lock\" locked, this can eliminate\nthe race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53608",
"url": "https://www.suse.com/security/cve/CVE-2023-53608"
},
{
"category": "external",
"summary": "SUSE Bug 1251178 for CVE-2023-53608",
"url": "https://bugzilla.suse.com/1251178"
},
{
"category": "external",
"summary": "SUSE Bug 1251179 for CVE-2023-53608",
"url": "https://bugzilla.suse.com/1251179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2023-53608"
},
{
"cve": "CVE-2023-53611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53611"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi_si: fix a memleak in try_smi_init()\n\nKmemleak reported the following leak info in try_smi_init():\n\nunreferenced object 0xffff00018ecf9400 (size 1024):\n comm \"modprobe\", pid 2707763, jiffies 4300851415 (age 773.308s)\n backtrace:\n [\u003c000000004ca5b312\u003e] __kmalloc+0x4b8/0x7b0\n [\u003c00000000953b1072\u003e] try_smi_init+0x148/0x5dc [ipmi_si]\n [\u003c000000006460d325\u003e] 0xffff800081b10148\n [\u003c0000000039206ea5\u003e] do_one_initcall+0x64/0x2a4\n [\u003c00000000601399ce\u003e] do_init_module+0x50/0x300\n [\u003c000000003c12ba3c\u003e] load_module+0x7a8/0x9e0\n [\u003c00000000c246fffe\u003e] __se_sys_init_module+0x104/0x180\n [\u003c00000000eea99093\u003e] __arm64_sys_init_module+0x24/0x30\n [\u003c0000000021b1ef87\u003e] el0_svc_common.constprop.0+0x94/0x250\n [\u003c0000000070f4f8b7\u003e] do_el0_svc+0x48/0xe0\n [\u003c000000005a05337f\u003e] el0_svc+0x24/0x3c\n [\u003c000000005eb248d6\u003e] el0_sync_handler+0x160/0x164\n [\u003c0000000030a59039\u003e] el0_sync+0x160/0x180\n\nThe problem was that when an error occurred before handlers registration\nand after allocating `new_smi-\u003esi_sm`, the variable wouldn\u0027t be freed in\nthe error handling afterwards since `shutdown_smi()` hadn\u0027t been\nregistered yet. Fix it by adding a `kfree()` in the error handling path\nin `try_smi_init()`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53611",
"url": "https://www.suse.com/security/cve/CVE-2023-53611"
},
{
"category": "external",
"summary": "SUSE Bug 1251123 for CVE-2023-53611",
"url": "https://bugzilla.suse.com/1251123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53611"
},
{
"cve": "CVE-2023-53612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53612"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (coretemp) Simplify platform device handling\n\nCoretemp\u0027s platform driver is unconventional. All the real work is done\nglobally by the initcall and CPU hotplug notifiers, while the \"driver\"\neffectively just wraps an allocation and the registration of the hwmon\ninterface in a long-winded round-trip through the driver core. The whole\nlogic of dynamically creating and destroying platform devices to bring\nthe interfaces up and down is error prone, since it assumes\nplatform_device_add() will synchronously bind the driver and set drvdata\nbefore it returns, thus results in a NULL dereference if drivers_autoprobe\nis turned off for the platform bus. Furthermore, the unusual approach of\ndoing that from within a CPU hotplug notifier, already commented in the\ncode that it deadlocks suspend, also causes lockdep issues for other\ndrivers or subsystems which may want to legitimately register a CPU\nhotplug notifier from a platform bus notifier.\n\nAll of these issues can be solved by ripping this unusual behaviour out\ncompletely, simply tying the platform devices to the lifetime of the\nmodule itself, and directly managing the hwmon interfaces from the\nhotplug notifiers. There is a slight user-visible change in that\n/sys/bus/platform/drivers/coretemp will no longer appear, and\n/sys/devices/platform/coretemp.n will remain present if package n is\nhotplugged off, but hwmon users should really only be looking for the\npresence of the hwmon interfaces, whose behaviour remains unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53612",
"url": "https://www.suse.com/security/cve/CVE-2023-53612"
},
{
"category": "external",
"summary": "SUSE Bug 1251218 for CVE-2023-53612",
"url": "https://bugzilla.suse.com/1251218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53612"
},
{
"cve": "CVE-2023-53615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53615"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix deletion race condition\n\nSystem crash when using debug kernel due to link list corruption. The cause\nof the link list corruption is due to session deletion was allowed to queue\nup twice. Here\u0027s the internal trace that show the same port was allowed to\ndouble queue for deletion on different cpu.\n\n20808683956 015 qla2xxx [0000:13:00.1]-e801:4: Scheduling sess ffff93ebf9306800 for deletion 50:06:0e:80:12:48:ff:50 fc4_type 1\n20808683957 027 qla2xxx [0000:13:00.1]-e801:4: Scheduling sess ffff93ebf9306800 for deletion 50:06:0e:80:12:48:ff:50 fc4_type 1\n\nMove the clearing/setting of deleted flag lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53615",
"url": "https://www.suse.com/security/cve/CVE-2023-53615"
},
{
"category": "external",
"summary": "SUSE Bug 1251113 for CVE-2023-53615",
"url": "https://bugzilla.suse.com/1251113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53615"
},
{
"cve": "CVE-2023-53616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix invalid free of JFS_IP(ipimap)-\u003ei_imap in diUnmount\n\nsyzbot found an invalid-free in diUnmount:\n\nBUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline]\nBUG: KASAN: double-free in __kmem_cache_free+0x71/0x110 mm/slub.c:3674\nFree of addr ffff88806f410000 by task syz-executor131/3632\n\n CPU: 0 PID: 3632 Comm: syz-executor131 Not tainted 6.1.0-rc7-syzkaller-00012-gca57f02295f1 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n print_address_description+0x74/0x340 mm/kasan/report.c:284\n print_report+0x107/0x1f0 mm/kasan/report.c:395\n kasan_report_invalid_free+0xac/0xd0 mm/kasan/report.c:460\n ____kasan_slab_free+0xfb/0x120\n kasan_slab_free include/linux/kasan.h:177 [inline]\n slab_free_hook mm/slub.c:1724 [inline]\n slab_free_freelist_hook+0x12e/0x1a0 mm/slub.c:1750\n slab_free mm/slub.c:3661 [inline]\n __kmem_cache_free+0x71/0x110 mm/slub.c:3674\n diUnmount+0xef/0x100 fs/jfs/jfs_imap.c:195\n jfs_umount+0x108/0x370 fs/jfs/jfs_umount.c:63\n jfs_put_super+0x86/0x190 fs/jfs/super.c:194\n generic_shutdown_super+0x130/0x310 fs/super.c:492\n kill_block_super+0x79/0xd0 fs/super.c:1428\n deactivate_locked_super+0xa7/0xf0 fs/super.c:332\n cleanup_mnt+0x494/0x520 fs/namespace.c:1186\n task_work_run+0x243/0x300 kernel/task_work.c:179\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x664/0x2070 kernel/exit.c:820\n do_group_exit+0x1fd/0x2b0 kernel/exit.c:950\n __do_sys_exit_group kernel/exit.c:961 [inline]\n __se_sys_exit_group kernel/exit.c:959 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:959\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[...]\n\nJFS_IP(ipimap)-\u003ei_imap is not setting to NULL after free in diUnmount.\nIf jfs_remount() free JFS_IP(ipimap)-\u003ei_imap but then failed at diMount().\nJFS_IP(ipimap)-\u003ei_imap will be freed once again.\nFix this problem by setting JFS_IP(ipimap)-\u003ei_imap to NULL after free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53616",
"url": "https://www.suse.com/security/cve/CVE-2023-53616"
},
{
"category": "external",
"summary": "SUSE Bug 1251215 for CVE-2023-53616",
"url": "https://bugzilla.suse.com/1251215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53616"
},
{
"cve": "CVE-2023-53617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: aspeed: socinfo: Add kfree for kstrdup\n\nAdd kfree() in the later error handling in order to avoid memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53617",
"url": "https://www.suse.com/security/cve/CVE-2023-53617"
},
{
"category": "external",
"summary": "SUSE Bug 1251268 for CVE-2023-53617",
"url": "https://bugzilla.suse.com/1251268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53617"
},
{
"cve": "CVE-2023-53619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53619"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: Avoid nf_ct_helper_hash uses after free\n\nIf nf_conntrack_init_start() fails (for example due to a\nregister_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini()\nclean-up path frees the nf_ct_helper_hash map.\n\nWhen built with NF_CONNTRACK=y, further netfilter modules (e.g:\nnetfilter_conntrack_ftp) can still be loaded and call\nnf_conntrack_helpers_register(), independently of whether nf_conntrack\ninitialized correctly. This accesses the nf_ct_helper_hash dangling\npointer and causes a uaf, possibly leading to random memory corruption.\n\nThis patch guards nf_conntrack_helper_register() from accessing a freed\nor uninitialized nf_ct_helper_hash pointer and fixes possible\nuses-after-free when loading a conntrack module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53619",
"url": "https://www.suse.com/security/cve/CVE-2023-53619"
},
{
"category": "external",
"summary": "SUSE Bug 1251743 for CVE-2023-53619",
"url": "https://bugzilla.suse.com/1251743"
},
{
"category": "external",
"summary": "SUSE Bug 1251745 for CVE-2023-53619",
"url": "https://bugzilla.suse.com/1251745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53619"
},
{
"cve": "CVE-2023-53622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix possible data races in gfs2_show_options()\n\nSome fields such as gt_logd_secs of the struct gfs2_tune are accessed\nwithout holding the lock gt_spin in gfs2_show_options():\n\n val = sdp-\u003esd_tune.gt_logd_secs;\n if (val != 30)\n seq_printf(s, \",commit=%d\", val);\n\nAnd thus can cause data races when gfs2_show_options() and other functions\nsuch as gfs2_reconfigure() are concurrently executed:\n\n spin_lock(\u0026gt-\u003egt_spin);\n gt-\u003egt_logd_secs = newargs-\u003ear_commit;\n\nTo fix these possible data races, the lock sdp-\u003esd_tune.gt_spin is\nacquired before accessing the fields of gfs2_tune and released after these\naccesses.\n\nFurther changes by Andreas:\n\n- Don\u0027t hold the spin lock over the seq_printf operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53622",
"url": "https://www.suse.com/security/cve/CVE-2023-53622"
},
{
"category": "external",
"summary": "SUSE Bug 1251777 for CVE-2023-53622",
"url": "https://bugzilla.suse.com/1251777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53622"
},
{
"cve": "CVE-2023-53625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53625"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gvt: fix vgpu debugfs clean in remove\n\nCheck carefully on root debugfs available when destroying vgpu,\ne.g in remove case drm minor\u0027s debugfs root might already be destroyed,\nwhich led to kernel oops like below.\n\nConsole: switching to colour dummy device 80x25\ni915 0000:00:02.0: MDEV: Unregistering\nintel_vgpu_mdev b1338b2d-a709-4c23-b766-cc436c36cdf0: Removing from iommu group 14\nBUG: kernel NULL pointer dereference, address: 0000000000000150\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP\nCPU: 3 PID: 1046 Comm: driverctl Not tainted 6.1.0-rc2+ #6\nHardware name: HP HP ProDesk 600 G3 MT/829D, BIOS P02 Ver. 02.44 09/13/2022\nRIP: 0010:__lock_acquire+0x5e2/0x1f90\nCode: 87 ad 09 00 00 39 05 e1 1e cc 02 0f 82 f1 09 00 00 ba 01 00 00 00 48 83 c4 48 89 d0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 45 31 ff \u003c48\u003e 81 3f 60 9e c2 b6 45 0f 45 f8 83 fe 01 0f 87 55 fa ff ff 89 f0\nRSP: 0018:ffff9f770274f948 EFLAGS: 00010046\nRAX: 0000000000000003 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000150\nRBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: ffff8895d1173300 R11: 0000000000000001 R12: 0000000000000000\nR13: 0000000000000150 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007fc9b2ba0740(0000) GS:ffff889cdfcc0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000150 CR3: 000000010fd93005 CR4: 00000000003706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n lock_acquire+0xbf/0x2b0\n ? simple_recursive_removal+0xa5/0x2b0\n ? lock_release+0x13d/0x2d0\n down_write+0x2a/0xd0\n ? simple_recursive_removal+0xa5/0x2b0\n simple_recursive_removal+0xa5/0x2b0\n ? start_creating.part.0+0x110/0x110\n ? _raw_spin_unlock+0x29/0x40\n debugfs_remove+0x40/0x60\n intel_gvt_debugfs_remove_vgpu+0x15/0x30 [kvmgt]\n intel_gvt_destroy_vgpu+0x60/0x100 [kvmgt]\n intel_vgpu_release_dev+0xe/0x20 [kvmgt]\n device_release+0x30/0x80\n kobject_put+0x79/0x1b0\n device_release_driver_internal+0x1b8/0x230\n bus_remove_device+0xec/0x160\n device_del+0x189/0x400\n ? up_write+0x9c/0x1b0\n ? mdev_device_remove_common+0x60/0x60 [mdev]\n mdev_device_remove_common+0x22/0x60 [mdev]\n mdev_device_remove_cb+0x17/0x20 [mdev]\n device_for_each_child+0x56/0x80\n mdev_unregister_parent+0x5a/0x81 [mdev]\n intel_gvt_clean_device+0x2d/0xe0 [kvmgt]\n intel_gvt_driver_remove+0x2e/0xb0 [i915]\n i915_driver_remove+0xac/0x100 [i915]\n i915_pci_remove+0x1a/0x30 [i915]\n pci_device_remove+0x31/0xa0\n device_release_driver_internal+0x1b8/0x230\n unbind_store+0xd8/0x100\n kernfs_fop_write_iter+0x156/0x210\n vfs_write+0x236/0x4a0\n ksys_write+0x61/0xd0\n do_syscall_64+0x55/0x80\n ? find_held_lock+0x2b/0x80\n ? lock_release+0x13d/0x2d0\n ? up_read+0x17/0x20\n ? lock_is_held_type+0xe3/0x140\n ? asm_exc_page_fault+0x22/0x30\n ? lockdep_hardirqs_on+0x7d/0x100\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7fc9b2c9e0c4\nCode: 15 71 7d 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 80 3d 3d 05 0e 00 00 74 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 48 89 54 24 18 48\nRSP: 002b:00007ffec29c81c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000000000000000d RCX: 00007fc9b2c9e0c4\nRDX: 000000000000000d RSI: 0000559f8b5f48a0 RDI: 0000000000000001\nRBP: 0000559f8b5f48a0 R08: 0000559f8b5f3540 R09: 00007fc9b2d76d30\nR10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000d\nR13: 00007fc9b2d77780 R14: 000000000000000d R15: 00007fc9b2d72a00\n \u003c/TASK\u003e\nModules linked in: sunrpc intel_rapl_msr intel_rapl_common intel_pmc_core_pltdrv intel_pmc_core intel_tcc_cooling x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel ee1004 igbvf rapl vfat fat intel_cstate intel_uncore pktcdvd i2c_i801 pcspkr wmi_bmof i2c_smbus acpi_pad vfio_pci vfio_pci_core vfio_virqfd zram fuse dm\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53625",
"url": "https://www.suse.com/security/cve/CVE-2023-53625"
},
{
"category": "external",
"summary": "SUSE Bug 1251324 for CVE-2023-53625",
"url": "https://bugzilla.suse.com/1251324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53625"
},
{
"cve": "CVE-2023-53626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53626"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix possible double unlock when moving a directory",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53626",
"url": "https://www.suse.com/security/cve/CVE-2023-53626"
},
{
"category": "external",
"summary": "SUSE Bug 1251775 for CVE-2023-53626",
"url": "https://bugzilla.suse.com/1251775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53626"
},
{
"cve": "CVE-2023-53631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-sysman: Fix reference leak\n\nIf a duplicate attribute is found using kset_find_obj(),\na reference to that attribute is returned. This means\nthat we need to dispose it accordingly. Use kobject_put()\nto dispose the duplicate attribute in such a case.\n\nCompile-tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53631",
"url": "https://www.suse.com/security/cve/CVE-2023-53631"
},
{
"category": "external",
"summary": "SUSE Bug 1251529 for CVE-2023-53631",
"url": "https://bugzilla.suse.com/1251529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53631"
},
{
"cve": "CVE-2023-53637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: ov772x: Fix memleak in ov772x_probe()\n\nA memory leak was reported when testing ov772x with bpf mock device:\n\nAssertionError: unreferenced object 0xffff888109afa7a8 (size 8):\n comm \"python3\", pid 279, jiffies 4294805921 (age 20.681s)\n hex dump (first 8 bytes):\n 80 22 88 15 81 88 ff ff .\"......\n backtrace:\n [\u003c000000009990b438\u003e] __kmalloc_node+0x44/0x1b0\n [\u003c000000009e32f7d7\u003e] kvmalloc_node+0x34/0x180\n [\u003c00000000faf48134\u003e] v4l2_ctrl_handler_init_class+0x11d/0x180 [videodev]\n [\u003c00000000da376937\u003e] ov772x_probe+0x1c3/0x68c [ov772x]\n [\u003c000000003f0d225e\u003e] i2c_device_probe+0x28d/0x680\n [\u003c00000000e0b6db89\u003e] really_probe+0x17c/0x3f0\n [\u003c000000001b19fcee\u003e] __driver_probe_device+0xe3/0x170\n [\u003c0000000048370519\u003e] driver_probe_device+0x49/0x120\n [\u003c000000005ead07a0\u003e] __device_attach_driver+0xf7/0x150\n [\u003c0000000043f452b8\u003e] bus_for_each_drv+0x114/0x180\n [\u003c00000000358e5596\u003e] __device_attach+0x1e5/0x2d0\n [\u003c0000000043f83c5d\u003e] bus_probe_device+0x126/0x140\n [\u003c00000000ee0f3046\u003e] device_add+0x810/0x1130\n [\u003c00000000e0278184\u003e] i2c_new_client_device+0x359/0x4f0\n [\u003c0000000070baf34f\u003e] of_i2c_register_device+0xf1/0x110\n [\u003c00000000a9f2159d\u003e] of_i2c_notify+0x100/0x160\nunreferenced object 0xffff888119825c00 (size 256):\n comm \"python3\", pid 279, jiffies 4294805921 (age 20.681s)\n hex dump (first 32 bytes):\n 00 b4 a5 17 81 88 ff ff 00 5e 82 19 81 88 ff ff .........^......\n 10 5c 82 19 81 88 ff ff 10 5c 82 19 81 88 ff ff .\\.......\\......\n backtrace:\n [\u003c000000009990b438\u003e] __kmalloc_node+0x44/0x1b0\n [\u003c000000009e32f7d7\u003e] kvmalloc_node+0x34/0x180\n [\u003c0000000073d88e0b\u003e] v4l2_ctrl_new.cold+0x19b/0x86f [videodev]\n [\u003c00000000b1f576fb\u003e] v4l2_ctrl_new_std+0x16f/0x210 [videodev]\n [\u003c00000000caf7ac99\u003e] ov772x_probe+0x1fa/0x68c [ov772x]\n [\u003c000000003f0d225e\u003e] i2c_device_probe+0x28d/0x680\n [\u003c00000000e0b6db89\u003e] really_probe+0x17c/0x3f0\n [\u003c000000001b19fcee\u003e] __driver_probe_device+0xe3/0x170\n [\u003c0000000048370519\u003e] driver_probe_device+0x49/0x120\n [\u003c000000005ead07a0\u003e] __device_attach_driver+0xf7/0x150\n [\u003c0000000043f452b8\u003e] bus_for_each_drv+0x114/0x180\n [\u003c00000000358e5596\u003e] __device_attach+0x1e5/0x2d0\n [\u003c0000000043f83c5d\u003e] bus_probe_device+0x126/0x140\n [\u003c00000000ee0f3046\u003e] device_add+0x810/0x1130\n [\u003c00000000e0278184\u003e] i2c_new_client_device+0x359/0x4f0\n [\u003c0000000070baf34f\u003e] of_i2c_register_device+0xf1/0x110\n\nThe reason is that if priv-\u003ehdl.error is set, ov772x_probe() jumps to the\nerror_mutex_destroy without doing v4l2_ctrl_handler_free(), and all\nresources allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std()\nare leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53637",
"url": "https://www.suse.com/security/cve/CVE-2023-53637"
},
{
"category": "external",
"summary": "SUSE Bug 1251326 for CVE-2023-53637",
"url": "https://bugzilla.suse.com/1251326"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53637"
},
{
"cve": "CVE-2023-53639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath6kl: reduce WARN to dev_dbg() in callback\n\nThe warn is triggered on a known race condition, documented in the code above\nthe test, that is correctly handled. Using WARN() hinders automated testing.\nReducing severity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53639",
"url": "https://www.suse.com/security/cve/CVE-2023-53639"
},
{
"category": "external",
"summary": "SUSE Bug 1251521 for CVE-2023-53639",
"url": "https://bugzilla.suse.com/1251521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53639"
},
{
"cve": "CVE-2023-53640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: lpass: Fix for KASAN use_after_free out of bounds\n\nWhen we run syzkaller we get below Out of Bounds error.\n\n\"KASAN: slab-out-of-bounds Read in regcache_flat_read\"\n\nBelow is the backtrace of the issue:\n\nBUG: KASAN: slab-out-of-bounds in regcache_flat_read+0x10c/0x110\nRead of size 4 at addr ffffff8088fbf714 by task syz-executor.4/14144\nCPU: 6 PID: 14144 Comm: syz-executor.4 Tainted: G W\nHardware name: Qualcomm Technologies, Inc. sc7280 CRD platform (rev5+) (DT)\nCall trace:\ndump_backtrace+0x0/0x4ec\nshow_stack+0x34/0x50\ndump_stack_lvl+0xdc/0x11c\nprint_address_description+0x30/0x2d8\nkasan_report+0x178/0x1e4\n__asan_report_load4_noabort+0x44/0x50\nregcache_flat_read+0x10c/0x110\nregcache_read+0xf8/0x5a0\n_regmap_read+0x45c/0x86c\n_regmap_update_bits+0x128/0x290\nregmap_update_bits_base+0xc0/0x15c\nsnd_soc_component_update_bits+0xa8/0x22c\nsnd_soc_component_write_field+0x68/0xd4\ntx_macro_put_dec_enum+0x1d0/0x268\nsnd_ctl_elem_write+0x288/0x474\n\nBy Error checking and checking valid values issue gets rectifies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53640",
"url": "https://www.suse.com/security/cve/CVE-2023-53640"
},
{
"category": "external",
"summary": "SUSE Bug 1251327 for CVE-2023-53640",
"url": "https://bugzilla.suse.com/1251327"
},
{
"category": "external",
"summary": "SUSE Bug 1253761 for CVE-2023-53640",
"url": "https://bugzilla.suse.com/1253761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2023-53640"
},
{
"cve": "CVE-2023-53641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: hif_usb: fix memory leak of remain_skbs\n\nhif_dev-\u003eremain_skb is allocated and used exclusively in\nath9k_hif_usb_rx_stream(). It is implied that an allocated remain_skb is\nprocessed and subsequently freed (in error paths) only during the next\ncall of ath9k_hif_usb_rx_stream().\n\nSo, if the urbs are deallocated between those two calls due to the device\ndeinitialization or suspend, it is possible that ath9k_hif_usb_rx_stream()\nis not called next time and the allocated remain_skb is leaked. Our local\nSyzkaller instance was able to trigger that.\n\nremain_skb makes sense when receiving two consecutive urbs which are\nlogically linked together, i.e. a specific data field from the first skb\nindicates a cached skb to be allocated, memcpy\u0027d with some data and\nsubsequently processed in the next call to ath9k_hif_usb_rx_stream(). Urbs\ndeallocation supposedly makes that link irrelevant so we need to free the\ncached skb in those cases.\n\nFix the leak by introducing a function to explicitly free remain_skb (if\nit is not NULL) when the rx urbs have been deallocated. remain_skb is NULL\nwhen it has not been allocated at all (hif_dev struct is kzalloced) or\nwhen it has been processed in next call to ath9k_hif_usb_rx_stream().\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53641",
"url": "https://www.suse.com/security/cve/CVE-2023-53641"
},
{
"category": "external",
"summary": "SUSE Bug 1251728 for CVE-2023-53641",
"url": "https://bugzilla.suse.com/1251728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53641"
},
{
"cve": "CVE-2023-53644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: radio-shark: Add endpoint checks\n\nThe syzbot fuzzer was able to provoke a WARNING from the radio-shark2\ndriver:\n\n------------[ cut here ]------------\nusb 1-1: BOGUS urb xfer, pipe 1 != type 3\nWARNING: CPU: 0 PID: 3271 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed2/0x1880 drivers/usb/core/urb.c:504\nModules linked in:\nCPU: 0 PID: 3271 Comm: kworker/0:3 Not tainted 6.1.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_submit_urb+0xed2/0x1880 drivers/usb/core/urb.c:504\nCode: 7c 24 18 e8 00 36 ea fb 48 8b 7c 24 18 e8 36 1c 02 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 a0 b6 90 8a e8 9a 29 b8 03 \u003c0f\u003e 0b e9 58 f8 ff ff e8 d2 35 ea fb 48 81 c5 c0 05 00 00 e9 84 f7\nRSP: 0018:ffffc90003876dd0 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000\nRDX: ffff8880750b0040 RSI: ffffffff816152b8 RDI: fffff5200070edac\nRBP: ffff8880172d81e0 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000001\nR13: ffff8880285c5040 R14: 0000000000000002 R15: ffff888017158200\nFS: 0000000000000000(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffe03235b90 CR3: 000000000bc8e000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x101/0x4b0 drivers/usb/core/message.c:58\n usb_bulk_msg+0x226/0x550 drivers/usb/core/message.c:387\n shark_write_reg+0x1ff/0x2e0 drivers/media/radio/radio-shark2.c:88\n...\n\nThe problem was caused by the fact that the driver does not check\nwhether the endpoints it uses are actually present and have the\nappropriate types. This can be fixed by adding a simple check of\nthese endpoints (and similarly for the radio-shark driver).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53644",
"url": "https://www.suse.com/security/cve/CVE-2023-53644"
},
{
"category": "external",
"summary": "SUSE Bug 1251736 for CVE-2023-53644",
"url": "https://bugzilla.suse.com/1251736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53644"
},
{
"cve": "CVE-2023-53648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer\n\nsmatch error:\nsound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error:\nwe previously assumed \u0027rac97\u0027 could be null (see line 2072)\n\nremove redundant assignment, return error if rac97 is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53648",
"url": "https://www.suse.com/security/cve/CVE-2023-53648"
},
{
"category": "external",
"summary": "SUSE Bug 1251750 for CVE-2023-53648",
"url": "https://bugzilla.suse.com/1251750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53648"
},
{
"cve": "CVE-2023-53650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()\n\nIf \u0027mipid_detect()\u0027 fails, we must free \u0027md\u0027 to avoid a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53650",
"url": "https://www.suse.com/security/cve/CVE-2023-53650"
},
{
"category": "external",
"summary": "SUSE Bug 1251283 for CVE-2023-53650",
"url": "https://bugzilla.suse.com/1251283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53650"
},
{
"cve": "CVE-2023-53651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: exc3000 - properly stop timer on shutdown\n\nWe need to stop the timer on driver unbind or probe failures, otherwise\nwe get UAF/Oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53651",
"url": "https://www.suse.com/security/cve/CVE-2023-53651"
},
{
"category": "external",
"summary": "SUSE Bug 1251753 for CVE-2023-53651",
"url": "https://bugzilla.suse.com/1251753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53651"
},
{
"cve": "CVE-2023-53658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: bcm-qspi: return error if neither hif_mspi nor mspi is available\n\nIf neither a \"hif_mspi\" nor \"mspi\" resource is present, the driver will\njust early exit in probe but still return success. Apart from not doing\nanything meaningful, this would then also lead to a null pointer access\non removal, as platform_get_drvdata() would return NULL, which it would\nthen try to dereference when trying to unregister the spi master.\n\nFix this by unconditionally calling devm_ioremap_resource(), as it can\nhandle a NULL res and will then return a viable ERR_PTR() if we get one.\n\nThe \"return 0;\" was previously a \"goto qspi_resource_err;\" where then\nret was returned, but since ret was still initialized to 0 at this place\nthis was a valid conversion in 63c5395bb7a9 (\"spi: bcm-qspi: Fix\nuse-after-free on unbind\"). The issue was not introduced by this commit,\nonly made more obvious.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53658",
"url": "https://www.suse.com/security/cve/CVE-2023-53658"
},
{
"category": "external",
"summary": "SUSE Bug 1251759 for CVE-2023-53658",
"url": "https://bugzilla.suse.com/1251759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53658"
},
{
"cve": "CVE-2023-53659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix out-of-bounds when setting channels on remove\n\nIf we set channels greater during iavf_remove(), and waiting reset done\nwould be timeout, then returned with error but changed num_active_queues\ndirectly, that will lead to OOB like the following logs. Because the\nnum_active_queues is greater than tx/rx_rings[] allocated actually.\n\nReproducer:\n\n [root@host ~]# cat repro.sh\n #!/bin/bash\n\n pf_dbsf=\"0000:41:00.0\"\n vf0_dbsf=\"0000:41:02.0\"\n g_pids=()\n\n function do_set_numvf()\n {\n echo 2 \u003e/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n echo 0 \u003e/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n }\n\n function do_set_channel()\n {\n local nic=$(ls -1 --indicator-style=none /sys/bus/pci/devices/${vf0_dbsf}/net/)\n [ -z \"$nic\" ] \u0026\u0026 { sleep $((RANDOM%3)) ; return 1; }\n ifconfig $nic 192.168.18.5 netmask 255.255.255.0\n ifconfig $nic up\n ethtool -L $nic combined 1\n ethtool -L $nic combined 4\n sleep $((RANDOM%3))\n }\n\n function on_exit()\n {\n local pid\n for pid in \"${g_pids[@]}\"; do\n kill -0 \"$pid\" \u0026\u003e/dev/null \u0026\u0026 kill \"$pid\" \u0026\u003e/dev/null\n done\n g_pids=()\n }\n\n trap \"on_exit; exit\" EXIT\n\n while :; do do_set_numvf ; done \u0026\n g_pids+=($!)\n while :; do do_set_channel ; done \u0026\n g_pids+=($!)\n\n wait\n\nResult:\n\n[ 3506.152887] iavf 0000:41:02.0: Removing device\n[ 3510.400799] ==================================================================\n[ 3510.400820] BUG: KASAN: slab-out-of-bounds in iavf_free_all_tx_resources+0x156/0x160 [iavf]\n[ 3510.400823] Read of size 8 at addr ffff88b6f9311008 by task repro.sh/55536\n[ 3510.400823]\n[ 3510.400830] CPU: 101 PID: 55536 Comm: repro.sh Kdump: loaded Tainted: G O --------- -t - 4.18.0 #1\n[ 3510.400832] Hardware name: Powerleader PR2008AL/H12DSi-N6, BIOS 2.0 04/09/2021\n[ 3510.400835] Call Trace:\n[ 3510.400851] dump_stack+0x71/0xab\n[ 3510.400860] print_address_description+0x6b/0x290\n[ 3510.400865] ? iavf_free_all_tx_resources+0x156/0x160 [iavf]\n[ 3510.400868] kasan_report+0x14a/0x2b0\n[ 3510.400873] iavf_free_all_tx_resources+0x156/0x160 [iavf]\n[ 3510.400880] iavf_remove+0x2b6/0xc70 [iavf]\n[ 3510.400884] ? iavf_free_all_rx_resources+0x160/0x160 [iavf]\n[ 3510.400891] ? wait_woken+0x1d0/0x1d0\n[ 3510.400895] ? notifier_call_chain+0xc1/0x130\n[ 3510.400903] pci_device_remove+0xa8/0x1f0\n[ 3510.400910] device_release_driver_internal+0x1c6/0x460\n[ 3510.400916] pci_stop_bus_device+0x101/0x150\n[ 3510.400919] pci_stop_and_remove_bus_device+0xe/0x20\n[ 3510.400924] pci_iov_remove_virtfn+0x187/0x420\n[ 3510.400927] ? pci_iov_add_virtfn+0xe10/0xe10\n[ 3510.400929] ? pci_get_subsys+0x90/0x90\n[ 3510.400932] sriov_disable+0xed/0x3e0\n[ 3510.400936] ? bus_find_device+0x12d/0x1a0\n[ 3510.400953] i40e_free_vfs+0x754/0x1210 [i40e]\n[ 3510.400966] ? i40e_reset_all_vfs+0x880/0x880 [i40e]\n[ 3510.400968] ? pci_get_device+0x7c/0x90\n[ 3510.400970] ? pci_get_subsys+0x90/0x90\n[ 3510.400982] ? pci_vfs_assigned.part.7+0x144/0x210\n[ 3510.400987] ? __mutex_lock_slowpath+0x10/0x10\n[ 3510.400996] i40e_pci_sriov_configure+0x1fa/0x2e0 [i40e]\n[ 3510.401001] sriov_numvfs_store+0x214/0x290\n[ 3510.401005] ? sriov_totalvfs_show+0x30/0x30\n[ 3510.401007] ? __mutex_lock_slowpath+0x10/0x10\n[ 3510.401011] ? __check_object_size+0x15a/0x350\n[ 3510.401018] kernfs_fop_write+0x280/0x3f0\n[ 3510.401022] vfs_write+0x145/0x440\n[ 3510.401025] ksys_write+0xab/0x160\n[ 3510.401028] ? __ia32_sys_read+0xb0/0xb0\n[ 3510.401031] ? fput_many+0x1a/0x120\n[ 3510.401032] ? filp_close+0xf0/0x130\n[ 3510.401038] do_syscall_64+0xa0/0x370\n[ 3510.401041] ? page_fault+0x8/0x30\n[ 3510.401043] entry_SYSCALL_64_after_hwframe+0x65/0xca\n[ 3510.401073] RIP: 0033:0x7f3a9bb842c0\n[ 3510.401079] Code: 73 01 c3 48 8b 0d d8 cb 2c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 24 2d 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53659",
"url": "https://www.suse.com/security/cve/CVE-2023-53659"
},
{
"category": "external",
"summary": "SUSE Bug 1251247 for CVE-2023-53659",
"url": "https://bugzilla.suse.com/1251247"
},
{
"category": "external",
"summary": "SUSE Bug 1251248 for CVE-2023-53659",
"url": "https://bugzilla.suse.com/1251248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2023-53659"
},
{
"cve": "CVE-2023-53662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup}\n\nIf the filename casefolding fails, we\u0027ll be leaking memory from the\nfscrypt_name struct, namely from the \u0027crypto_buf.name\u0027 member.\n\nMake sure we free it in the error path on both ext4_fname_setup_filename()\nand ext4_fname_prepare_lookup() functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53662",
"url": "https://www.suse.com/security/cve/CVE-2023-53662"
},
{
"category": "external",
"summary": "SUSE Bug 1251282 for CVE-2023-53662",
"url": "https://bugzilla.suse.com/1251282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53662"
},
{
"cve": "CVE-2023-53667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: cdc_ncm: Deal with too low values of dwNtbOutMaxSize\n\nCurrently in cdc_ncm_check_tx_max(), if dwNtbOutMaxSize is lower than\nthe calculated \"min\" value, but greater than zero, the logic sets\ntx_max to dwNtbOutMaxSize. This is then used to allocate a new SKB in\ncdc_ncm_fill_tx_frame() where all the data is handled.\n\nFor small values of dwNtbOutMaxSize the memory allocated during\nalloc_skb(dwNtbOutMaxSize, GFP_ATOMIC) will have the same size, due to\nhow size is aligned at alloc time:\n\tsize = SKB_DATA_ALIGN(size);\n size += SKB_DATA_ALIGN(sizeof(struct skb_shared_info));\nThus we hit the same bug that we tried to squash with\ncommit 2be6d4d16a084 (\"net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero\")\n\nLow values of dwNtbOutMaxSize do not cause an issue presently because at\nalloc_skb() time more memory (512b) is allocated than required for the\nSKB headers alone (320b), leaving some space (512b - 320b = 192b)\nfor CDC data (172b).\n\nHowever, if more elements (for example 3 x u64 = [24b]) were added to\none of the SKB header structs, say \u0027struct skb_shared_info\u0027,\nincreasing its original size (320b [320b aligned]) to something larger\n(344b [384b aligned]), then suddenly the CDC data (172b) no longer\nfits in the spare SKB data area (512b - 384b = 128b).\n\nConsequently the SKB bounds checking semantics fails and panics:\n\nskbuff: skb_over_panic: text:ffffffff831f755b len:184 put:172 head:ffff88811f1c6c00 data:ffff88811f1c6c00 tail:0xb8 end:0x80 dev:\u003cNULL\u003e\n------------[ cut here ]------------\nkernel BUG at net/core/skbuff.c:113!\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 0 PID: 57 Comm: kworker/0:2 Not tainted 5.15.106-syzkaller-00249-g19c0ed55a470 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023\nWorkqueue: mld mld_ifc_work\nRIP: 0010:skb_panic net/core/skbuff.c:113 [inline]\nRIP: 0010:skb_over_panic+0x14c/0x150 net/core/skbuff.c:118\n[snip]\nCall Trace:\n \u003cTASK\u003e\n skb_put+0x151/0x210 net/core/skbuff.c:2047\n skb_put_zero include/linux/skbuff.h:2422 [inline]\n cdc_ncm_ndp16 drivers/net/usb/cdc_ncm.c:1131 [inline]\n cdc_ncm_fill_tx_frame+0x11ab/0x3da0 drivers/net/usb/cdc_ncm.c:1308\n cdc_ncm_tx_fixup+0xa3/0x100\n\nDeal with too low values of dwNtbOutMaxSize, clamp it in the range\n[USB_CDC_NCM_NTB_MIN_OUT_SIZE, CDC_NCM_NTB_MAX_SIZE_TX]. We ensure\nenough data space is allocated to handle CDC data by making sure\ndwNtbOutMaxSize is not smaller than USB_CDC_NCM_NTB_MIN_OUT_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53667",
"url": "https://www.suse.com/security/cve/CVE-2023-53667"
},
{
"category": "external",
"summary": "SUSE Bug 1251761 for CVE-2023-53667",
"url": "https://bugzilla.suse.com/1251761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53667"
},
{
"cve": "CVE-2023-53668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix deadloop issue on reading trace_pipe\n\nSoft lockup occurs when reading file \u0027trace_pipe\u0027:\n\n watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488]\n [...]\n RIP: 0010:ring_buffer_empty_cpu+0xed/0x170\n RSP: 0018:ffff88810dd6fc48 EFLAGS: 00000246\n RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff93d1aaeb\n RDX: ffff88810a280040 RSI: 0000000000000008 RDI: ffff88811164b218\n RBP: ffff88811164b218 R08: 0000000000000000 R09: ffff88815156600f\n R10: ffffed102a2acc01 R11: 0000000000000001 R12: 0000000051651901\n R13: 0000000000000000 R14: ffff888115e49500 R15: 0000000000000000\n [...]\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f8d853c2000 CR3: 000000010dcd8000 CR4: 00000000000006e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n __find_next_entry+0x1a8/0x4b0\n ? peek_next_entry+0x250/0x250\n ? down_write+0xa5/0x120\n ? down_write_killable+0x130/0x130\n trace_find_next_entry_inc+0x3b/0x1d0\n tracing_read_pipe+0x423/0xae0\n ? tracing_splice_read_pipe+0xcb0/0xcb0\n vfs_read+0x16b/0x490\n ksys_read+0x105/0x210\n ? __ia32_sys_pwrite64+0x200/0x200\n ? switch_fpu_return+0x108/0x220\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nThrough the vmcore, I found it\u0027s because in tracing_read_pipe(),\nring_buffer_empty_cpu() found some buffer is not empty but then it\ncannot read anything due to \"rb_num_of_entries() == 0\" always true,\nThen it infinitely loop the procedure due to user buffer not been\nfilled, see following code path:\n\n tracing_read_pipe() {\n ... ...\n waitagain:\n tracing_wait_pipe() // 1. find non-empty buffer here\n trace_find_next_entry_inc() // 2. loop here try to find an entry\n __find_next_entry()\n ring_buffer_empty_cpu(); // 3. find non-empty buffer\n peek_next_entry() // 4. but peek always return NULL\n ring_buffer_peek()\n rb_buffer_peek()\n rb_get_reader_page()\n // 5. because rb_num_of_entries() == 0 always true here\n // then return NULL\n // 6. user buffer not been filled so goto \u0027waitgain\u0027\n // and eventually leads to an deadloop in kernel!!!\n }\n\nBy some analyzing, I found that when resetting ringbuffer, the \u0027entries\u0027\nof its pages are not all cleared (see rb_reset_cpu()). Then when reducing\nthe ringbuffer, and if some reduced pages exist dirty \u0027entries\u0027 data, they\nwill be added into \u0027cpu_buffer-\u003eoverrun\u0027 (see rb_remove_pages()), which\ncause wrong \u0027overrun\u0027 count and eventually cause the deadloop issue.\n\nTo fix it, we need to clear every pages in rb_reset_cpu().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53668",
"url": "https://www.suse.com/security/cve/CVE-2023-53668"
},
{
"category": "external",
"summary": "SUSE Bug 1251286 for CVE-2023-53668",
"url": "https://bugzilla.suse.com/1251286"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53668"
},
{
"cve": "CVE-2023-53670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-core: fix dev_pm_qos memleak\n\nCall dev_pm_qos_hide_latency_tolerance() in the error unwind patch to\navoid following kmemleak:-\n\nblktests (master) # kmemleak-clear; ./check nvme/044;\nblktests (master) # kmemleak-scan ; kmemleak-show\nnvme/044 (Test bi-directional authentication) [passed]\n runtime 2.111s ... 2.124s\nunreferenced object 0xffff888110c46240 (size 96):\n comm \"nvme\", pid 33461, jiffies 4345365353 (age 75.586s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c0000000069ac2cec\u003e] kmalloc_trace+0x25/0x90\n [\u003c000000006acc66d5\u003e] dev_pm_qos_update_user_latency_tolerance+0x6f/0x100\n [\u003c00000000cc376ea7\u003e] nvme_init_ctrl+0x38e/0x410 [nvme_core]\n [\u003c000000007df61b4b\u003e] 0xffffffffc05e88b3\n [\u003c00000000d152b985\u003e] 0xffffffffc05744cb\n [\u003c00000000f04a4041\u003e] vfs_write+0xc5/0x3c0\n [\u003c00000000f9491baf\u003e] ksys_write+0x5f/0xe0\n [\u003c000000001c46513d\u003e] do_syscall_64+0x3b/0x90\n [\u003c00000000ecf348fe\u003e] entry_SYSCALL_64_after_hwframe+0x72/0xdc",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53670",
"url": "https://www.suse.com/security/cve/CVE-2023-53670"
},
{
"category": "external",
"summary": "SUSE Bug 1251762 for CVE-2023-53670",
"url": "https://bugzilla.suse.com/1251762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53670"
},
{
"cve": "CVE-2023-53673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: call disconnect callback before deleting conn\n\nIn hci_cs_disconnect, we do hci_conn_del even if disconnection failed.\n\nISO, L2CAP and SCO connections refer to the hci_conn without\nhci_conn_get, so disconn_cfm must be called so they can clean up their\nconn, otherwise use-after-free occurs.\n\nISO:\n==========================================================\niso_sock_connect:880: sk 00000000eabd6557\niso_connect_cis:356: 70:1a:b8:98:ff:a2 -\u003e 28:3d:c2:4a:7e:da\n...\niso_conn_add:140: hcon 000000001696f1fd conn 00000000b6251073\nhci_dev_put:1487: hci0 orig refcnt 17\n__iso_chan_add:214: conn 00000000b6251073\niso_sock_clear_timer:117: sock 00000000eabd6557 state 3\n...\nhci_rx_work:4085: hci0 Event packet\nhci_event_packet:7601: hci0: event 0x0f\nhci_cmd_status_evt:4346: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3107: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon 000000001696f1fd handle 2560\nhci_conn_unlink:1102: hci0: hcon 000000001696f1fd\nhci_conn_drop:1451: hcon 00000000d8521aaf orig refcnt 2\nhci_chan_list_flush:2780: hcon 000000001696f1fd\nhci_dev_put:1487: hci0 orig refcnt 21\nhci_dev_put:1487: hci0 orig refcnt 20\nhci_req_cmd_complete:3978: opcode 0x0406 status 0x0c\n... \u003cno iso_* activity on sk/conn\u003e ...\niso_sock_sendmsg:1098: sock 00000000dea5e2e0, sk 00000000eabd6557\nBUG: kernel NULL pointer dereference, address: 0000000000000668\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nRIP: 0010:iso_sock_sendmsg (net/bluetooth/iso.c:1112) bluetooth\n==========================================================\n\nL2CAP:\n==================================================================\nhci_cmd_status_evt:4359: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3085: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon ffff88800c999000 handle 3585\nhci_conn_unlink:1102: hci0: hcon ffff88800c999000\nhci_chan_list_flush:2780: hcon ffff88800c999000\nhci_chan_del:2761: hci0 hcon ffff88800c999000 chan ffff888018ddd280\n...\nBUG: KASAN: slab-use-after-free in hci_send_acl+0x2d/0x540 [bluetooth]\nRead of size 8 at addr ffff888018ddd298 by task bluetoothd/1175\n\nCPU: 0 PID: 1175 Comm: bluetoothd Tainted: G E 6.4.0-rc4+ #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5b/0x90\n print_report+0xcf/0x670\n ? __virt_addr_valid+0xf8/0x180\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n kasan_report+0xa8/0xe0\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n hci_send_acl+0x2d/0x540 [bluetooth]\n ? __pfx___lock_acquire+0x10/0x10\n l2cap_chan_send+0x1fd/0x1300 [bluetooth]\n ? l2cap_sock_sendmsg+0xf2/0x170 [bluetooth]\n ? __pfx_l2cap_chan_send+0x10/0x10 [bluetooth]\n ? lock_release+0x1d5/0x3c0\n ? mark_held_locks+0x1a/0x90\n l2cap_sock_sendmsg+0x100/0x170 [bluetooth]\n sock_write_iter+0x275/0x280\n ? __pfx_sock_write_iter+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n do_iter_readv_writev+0x176/0x220\n ? __pfx_do_iter_readv_writev+0x10/0x10\n ? find_held_lock+0x83/0xa0\n ? selinux_file_permission+0x13e/0x210\n do_iter_write+0xda/0x340\n vfs_writev+0x1b4/0x400\n ? __pfx_vfs_writev+0x10/0x10\n ? __seccomp_filter+0x112/0x750\n ? populate_seccomp_data+0x182/0x220\n ? __fget_light+0xdf/0x100\n ? do_writev+0x19d/0x210\n do_writev+0x19d/0x210\n ? __pfx_do_writev+0x10/0x10\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0x60/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n ? do_syscall_64+0x6c/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7ff45cb23e64\nCode: 15 d1 1f 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d 9d a7 0d 00 00 74 13 b8 14 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\nRSP: 002b:00007fff21ae09b8 EFLAGS: 00000202 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53673",
"url": "https://www.suse.com/security/cve/CVE-2023-53673"
},
{
"category": "external",
"summary": "SUSE Bug 1251763 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251763"
},
{
"category": "external",
"summary": "SUSE Bug 1251983 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2023-53673"
},
{
"cve": "CVE-2023-53674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Fix memory leak in devm_clk_notifier_register()\n\ndevm_clk_notifier_register() allocates a devres resource for clk\nnotifier but didn\u0027t register that to the device, so the notifier didn\u0027t\nget unregistered on device detach and the allocated resource was leaked.\n\nFix the issue by registering the resource through devres_add().\n\nThis issue was found with kmemleak on a Chromebook.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53674",
"url": "https://www.suse.com/security/cve/CVE-2023-53674"
},
{
"category": "external",
"summary": "SUSE Bug 1251764 for CVE-2023-53674",
"url": "https://bugzilla.suse.com/1251764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53674"
},
{
"cve": "CVE-2023-53675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix possible desc_ptr out-of-bounds accesses\n\nSanitize possible desc_ptr out-of-bounds accesses in\nses_enclosure_data_process().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53675",
"url": "https://www.suse.com/security/cve/CVE-2023-53675"
},
{
"category": "external",
"summary": "SUSE Bug 1251325 for CVE-2023-53675",
"url": "https://bugzilla.suse.com/1251325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53675"
},
{
"cve": "CVE-2023-53679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt7601u: fix an integer underflow\n\nFix an integer underflow that leads to a null pointer dereference in\n\u0027mt7601u_rx_skb_from_seg()\u0027. The variable \u0027dma_len\u0027 in the URB packet\ncould be manipulated, which could trigger an integer underflow of\n\u0027seg_len\u0027 in \u0027mt7601u_rx_process_seg()\u0027. This underflow subsequently\ncauses the \u0027bad_frame\u0027 checks in \u0027mt7601u_rx_skb_from_seg()\u0027 to be\nbypassed, eventually leading to a dereference of the pointer \u0027p\u0027, which\nis a null pointer.\n\nEnsure that \u0027dma_len\u0027 is greater than \u0027min_seg_len\u0027.\n\nFound by a modified version of syzkaller.\n\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 0 PID: 12 Comm: ksoftirqd/0 Tainted: G W O 5.14.0+\n#139\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nrel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\nRIP: 0010:skb_add_rx_frag+0x143/0x370\nCode: e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 86 01 00 00 4c 8d 7d 08 44\n89 68 08 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02\n00 0f 85 cd 01 00 00 48 8b 45 08 a8 01 0f 85 3d 01 00 00\nRSP: 0018:ffffc900000cfc90 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: ffff888115520dc0 RCX: 0000000000000000\nRDX: 0000000000000001 RSI: ffff8881118430c0 RDI: ffff8881118430f8\nRBP: 0000000000000000 R08: 0000000000000e09 R09: 0000000000000010\nR10: ffff888111843017 R11: ffffed1022308602 R12: 0000000000000000\nR13: 0000000000000e09 R14: 0000000000000010 R15: 0000000000000008\nFS: 0000000000000000(0000) GS:ffff88811a800000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000004035af40 CR3: 00000001157f2000 CR4: 0000000000750ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n mt7601u_rx_tasklet+0xc73/0x1270\n ? mt7601u_submit_rx_buf.isra.0+0x510/0x510\n ? tasklet_action_common.isra.0+0x79/0x2f0\n tasklet_action_common.isra.0+0x206/0x2f0\n __do_softirq+0x1b5/0x880\n ? tasklet_unlock+0x30/0x30\n run_ksoftirqd+0x26/0x50\n smpboot_thread_fn+0x34f/0x7d0\n ? smpboot_register_percpu_thread+0x370/0x370\n kthread+0x3a1/0x480\n ? set_kthread_struct+0x120/0x120\n ret_from_fork+0x1f/0x30\nModules linked in: 88XXau(O) 88x2bu(O)\n---[ end trace 57f34f93b4da0f9b ]---\nRIP: 0010:skb_add_rx_frag+0x143/0x370\nCode: e2 07 83 c2 03 38 ca 7c 08 84 c9 0f 85 86 01 00 00 4c 8d 7d 08 44\n89 68 08 48 b8 00 00 00 00 00 fc ff df 4c 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02\n00 0f 85 cd 01 00 00 48 8b 45 08 a8 01 0f 85 3d 01 00 00\nRSP: 0018:ffffc900000cfc90 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: ffff888115520dc0 RCX: 0000000000000000\nRDX: 0000000000000001 RSI: ffff8881118430c0 RDI: ffff8881118430f8\nRBP: 0000000000000000 R08: 0000000000000e09 R09: 0000000000000010\nR10: ffff888111843017 R11: ffffed1022308602 R12: 0000000000000000\nR13: 0000000000000e09 R14: 0000000000000010 R15: 0000000000000008\nFS: 0000000000000000(0000) GS:ffff88811a800000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000004035af40 CR3: 00000001157f2000 CR4: 0000000000750ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53679",
"url": "https://www.suse.com/security/cve/CVE-2023-53679"
},
{
"category": "external",
"summary": "SUSE Bug 1251785 for CVE-2023-53679",
"url": "https://bugzilla.suse.com/1251785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53679"
},
{
"cve": "CVE-2023-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Avoid calling OPDESC() with ops-\u003eopnum == OP_ILLEGAL\n\nOPDESC() simply indexes into nfsd4_ops[] by the op\u0027s operation\nnumber, without range checking that value. It assumes callers are\ncareful to avoid calling it with an out-of-bounds opnum value.\n\nnfsd4_decode_compound() is not so careful, and can invoke OPDESC()\nwith opnum set to OP_ILLEGAL, which is 10044 -- well beyond the end\nof nfsd4_ops[].",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53680",
"url": "https://www.suse.com/security/cve/CVE-2023-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1251767 for CVE-2023-53680",
"url": "https://bugzilla.suse.com/1251767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53680"
},
{
"cve": "CVE-2023-53681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: Fix __bch_btree_node_alloc to make the failure behavior consistent\n\nIn some specific situations, the return value of __bch_btree_node_alloc\nmay be NULL. This may lead to a potential NULL pointer dereference in\ncaller function like a calling chain :\nbtree_split-\u003ebch_btree_node_alloc-\u003e__bch_btree_node_alloc.\n\nFix it by initializing the return value in __bch_btree_node_alloc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53681",
"url": "https://www.suse.com/security/cve/CVE-2023-53681"
},
{
"category": "external",
"summary": "SUSE Bug 1251769 for CVE-2023-53681",
"url": "https://bugzilla.suse.com/1251769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53681"
},
{
"cve": "CVE-2023-53683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()\n\nsyzbot is hitting WARN_ON() in hfsplus_cat_{read,write}_inode(), for\ncrafted filesystem image can contain bogus length. There conditions are\nnot kernel bugs that can justify kernel to panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53683",
"url": "https://www.suse.com/security/cve/CVE-2023-53683"
},
{
"category": "external",
"summary": "SUSE Bug 1251329 for CVE-2023-53683",
"url": "https://bugzilla.suse.com/1251329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53683"
},
{
"cve": "CVE-2023-53687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk\n\nWhen the best clk is searched, we iterate over all possible clk.\n\nIf we find a better match, the previous one, if any, needs to be freed.\nIf a better match has already been found, we still need to free the new\none, otherwise it leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53687",
"url": "https://www.suse.com/security/cve/CVE-2023-53687"
},
{
"category": "external",
"summary": "SUSE Bug 1251772 for CVE-2023-53687",
"url": "https://bugzilla.suse.com/1251772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53687"
},
{
"cve": "CVE-2023-53692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix use-after-free read in ext4_find_extent for bigalloc + inline\n\nSyzbot found the following issue:\nloop0: detected capacity change from 0 to 2048\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none.\n==================================================================\nBUG: KASAN: use-after-free in ext4_ext_binsearch_idx fs/ext4/extents.c:768 [inline]\nBUG: KASAN: use-after-free in ext4_find_extent+0x76e/0xd90 fs/ext4/extents.c:931\nRead of size 4 at addr ffff888073644750 by task syz-executor420/5067\n\nCPU: 0 PID: 5067 Comm: syz-executor420 Not tainted 6.2.0-rc1-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x290 lib/dump_stack.c:106\n print_address_description+0x74/0x340 mm/kasan/report.c:306\n print_report+0x107/0x1f0 mm/kasan/report.c:417\n kasan_report+0xcd/0x100 mm/kasan/report.c:517\n ext4_ext_binsearch_idx fs/ext4/extents.c:768 [inline]\n ext4_find_extent+0x76e/0xd90 fs/ext4/extents.c:931\n ext4_clu_mapped+0x117/0x970 fs/ext4/extents.c:5809\n ext4_insert_delayed_block fs/ext4/inode.c:1696 [inline]\n ext4_da_map_blocks fs/ext4/inode.c:1806 [inline]\n ext4_da_get_block_prep+0x9e8/0x13c0 fs/ext4/inode.c:1870\n ext4_block_write_begin+0x6a8/0x2290 fs/ext4/inode.c:1098\n ext4_da_write_begin+0x539/0x760 fs/ext4/inode.c:3082\n generic_perform_write+0x2e4/0x5e0 mm/filemap.c:3772\n ext4_buffered_write_iter+0x122/0x3a0 fs/ext4/file.c:285\n ext4_file_write_iter+0x1d0/0x18f0\n call_write_iter include/linux/fs.h:2186 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x7dc/0xc50 fs/read_write.c:584\n ksys_write+0x177/0x2a0 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f4b7a9737b9\nRSP: 002b:00007ffc5cac3668 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4b7a9737b9\nRDX: 00000000175d9003 RSI: 0000000020000200 RDI: 0000000000000004\nRBP: 00007f4b7a933050 R08: 0000000000000000 R09: 0000000000000000\nR10: 000000000000079f R11: 0000000000000246 R12: 00007f4b7a9330e0\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nAbove issue is happens when enable bigalloc and inline data feature. As\ncommit 131294c35ed6 fixed delayed allocation bug in ext4_clu_mapped for\nbigalloc + inline. But it only resolved issue when has inline data, if\ninline data has been converted to extent(ext4_da_convert_inline_data_to_extent)\nbefore writepages, there is no EXT4_STATE_MAY_INLINE_DATA flag. However\ni_data is still store inline data in this scene. Then will trigger UAF\nwhen find extent.\nTo resolve above issue, there is need to add judge \"ext4_has_inline_data(inode)\"\nin ext4_clu_mapped().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53692",
"url": "https://www.suse.com/security/cve/CVE-2023-53692"
},
{
"category": "external",
"summary": "SUSE Bug 1252515 for CVE-2023-53692",
"url": "https://bugzilla.suse.com/1252515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53692"
},
{
"cve": "CVE-2023-53693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: Fix the memory leak in raw_gadget driver\n\nCurrently, increasing raw_dev-\u003ecount happens before invoke the\nraw_queue_event(), if the raw_queue_event() return error, invoke\nraw_release() will not trigger the dev_free() to be called.\n\n[ 268.905865][ T5067] raw-gadget.0 gadget.0: failed to queue event\n[ 268.912053][ T5067] udc dummy_udc.0: failed to start USB Raw Gadget: -12\n[ 268.918885][ T5067] raw-gadget.0: probe of gadget.0 failed with error -12\n[ 268.925956][ T5067] UDC core: USB Raw Gadget: couldn\u0027t find an available UDC or it\u0027s busy\n[ 268.934657][ T5067] misc raw-gadget: fail, usb_gadget_register_driver returned -16\n\nBUG: memory leak\n\n[\u003cffffffff8154bf94\u003e] kmalloc_trace+0x24/0x90 mm/slab_common.c:1076\n[\u003cffffffff8347eb55\u003e] kmalloc include/linux/slab.h:582 [inline]\n[\u003cffffffff8347eb55\u003e] kzalloc include/linux/slab.h:703 [inline]\n[\u003cffffffff8347eb55\u003e] dev_new drivers/usb/gadget/legacy/raw_gadget.c:191 [inline]\n[\u003cffffffff8347eb55\u003e] raw_open+0x45/0x110 drivers/usb/gadget/legacy/raw_gadget.c:385\n[\u003cffffffff827d1d09\u003e] misc_open+0x1a9/0x1f0 drivers/char/misc.c:165\n\n[\u003cffffffff8154bf94\u003e] kmalloc_trace+0x24/0x90 mm/slab_common.c:1076\n[\u003cffffffff8347cd2f\u003e] kmalloc include/linux/slab.h:582 [inline]\n[\u003cffffffff8347cd2f\u003e] raw_ioctl_init+0xdf/0x410 drivers/usb/gadget/legacy/raw_gadget.c:460\n[\u003cffffffff8347dfe9\u003e] raw_ioctl+0x5f9/0x1120 drivers/usb/gadget/legacy/raw_gadget.c:1250\n[\u003cffffffff81685173\u003e] vfs_ioctl fs/ioctl.c:51 [inline]\n\n[\u003cffffffff8154bf94\u003e] kmalloc_trace+0x24/0x90 mm/slab_common.c:1076\n[\u003cffffffff833ecc6a\u003e] kmalloc include/linux/slab.h:582 [inline]\n[\u003cffffffff833ecc6a\u003e] kzalloc include/linux/slab.h:703 [inline]\n[\u003cffffffff833ecc6a\u003e] dummy_alloc_request+0x5a/0xe0 drivers/usb/gadget/udc/dummy_hcd.c:665\n[\u003cffffffff833e9132\u003e] usb_ep_alloc_request+0x22/0xd0 drivers/usb/gadget/udc/core.c:196\n[\u003cffffffff8347f13d\u003e] gadget_bind+0x6d/0x370 drivers/usb/gadget/legacy/raw_gadget.c:292\n\nThis commit therefore invoke kref_get() under the condition that\nraw_queue_event() return success.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53693",
"url": "https://www.suse.com/security/cve/CVE-2023-53693"
},
{
"category": "external",
"summary": "SUSE Bug 1252489 for CVE-2023-53693",
"url": "https://bugzilla.suse.com/1252489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53693"
},
{
"cve": "CVE-2023-53695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Detect system inodes linked into directory hierarchy\n\nWhen UDF filesystem is corrupted, hidden system inodes can be linked\ninto directory hierarchy which is an avenue for further serious\ncorruption of the filesystem and kernel confusion as noticed by syzbot\nfuzzed images. Refuse to access system inodes linked into directory\nhierarchy and vice versa.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53695",
"url": "https://www.suse.com/security/cve/CVE-2023-53695"
},
{
"category": "external",
"summary": "SUSE Bug 1252539 for CVE-2023-53695",
"url": "https://bugzilla.suse.com/1252539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53695"
},
{
"cve": "CVE-2023-53696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix memory leak in qla2x00_probe_one()\n\nThere is a memory leak reported by kmemleak:\n\n unreferenced object 0xffffc900003f0000 (size 12288):\n comm \"modprobe\", pid 19117, jiffies 4299751452 (age 42490.264s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c00000000629261a8\u003e] __vmalloc_node_range+0xe56/0x1110\n [\u003c0000000001906886\u003e] __vmalloc_node+0xbd/0x150\n [\u003c000000005bb4dc34\u003e] vmalloc+0x25/0x30\n [\u003c00000000a2dc1194\u003e] qla2x00_create_host+0x7a0/0xe30 [qla2xxx]\n [\u003c0000000062b14b47\u003e] qla2x00_probe_one+0x2eb8/0xd160 [qla2xxx]\n [\u003c00000000641ccc04\u003e] local_pci_probe+0xeb/0x1a0\n\nThe root cause is traced to an error-handling path in qla2x00_probe_one()\nwhen the adapter \"base_vha\" initialize failed. The fab_scan_rp \"scan.l\" is\nused to record the port information and it is allocated in\nqla2x00_create_host(). However, it is not released in the error handling\npath \"probe_failed\".\n\nFix this by freeing the memory of \"scan.l\" when an error occurs in the\nadapter initialization process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53696",
"url": "https://www.suse.com/security/cve/CVE-2023-53696"
},
{
"category": "external",
"summary": "SUSE Bug 1252513 for CVE-2023-53696",
"url": "https://bugzilla.suse.com/1252513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53696"
},
{
"cve": "CVE-2023-53697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu()\n\nMemory pointed by \u0027nd_pmu-\u003epmu.attr_groups\u0027 is allocated in function\n\u0027register_nvdimm_pmu\u0027 and is lost after \u0027kfree(nd_pmu)\u0027 call in function\n\u0027unregister_nvdimm_pmu\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53697",
"url": "https://www.suse.com/security/cve/CVE-2023-53697"
},
{
"category": "external",
"summary": "SUSE Bug 1252534 for CVE-2023-53697",
"url": "https://bugzilla.suse.com/1252534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53697"
},
{
"cve": "CVE-2023-53700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: max9286: Fix memleak in max9286_v4l2_register()\n\nThere is a kmemleak when testing the media/i2c/max9286.c with bpf mock\ndevice:\n\nkmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\nunreferenced object 0xffff88810defc400 (size 256):\n comm \"python3\", pid 278, jiffies 4294737563 (age 31.978s)\n hex dump (first 32 bytes):\n 28 06 a7 0a 81 88 ff ff 00 fe 22 12 81 88 ff ff (.........\".....\n 10 c4 ef 0d 81 88 ff ff 10 c4 ef 0d 81 88 ff ff ................\n backtrace:\n [\u003c00000000191de6a7\u003e] __kmalloc_node+0x44/0x1b0\n [\u003c000000002f4912b7\u003e] kvmalloc_node+0x34/0x180\n [\u003c0000000057dc4cae\u003e] v4l2_ctrl_new+0x325/0x10f0 [videodev]\n [\u003c0000000026030272\u003e] v4l2_ctrl_new_std+0x16f/0x210 [videodev]\n [\u003c00000000f0d9ea2f\u003e] max9286_probe+0x76e/0xbff [max9286]\n [\u003c00000000ea8f6455\u003e] i2c_device_probe+0x28d/0x680\n [\u003c0000000087529af3\u003e] really_probe+0x17c/0x3f0\n [\u003c00000000b08be526\u003e] __driver_probe_device+0xe3/0x170\n [\u003c000000004382edea\u003e] driver_probe_device+0x49/0x120\n [\u003c000000007bde528a\u003e] __device_attach_driver+0xf7/0x150\n [\u003c000000009f9c6ab4\u003e] bus_for_each_drv+0x114/0x180\n [\u003c00000000c8aaf588\u003e] __device_attach+0x1e5/0x2d0\n [\u003c0000000041cc06b9\u003e] bus_probe_device+0x126/0x140\n [\u003c000000002309860d\u003e] device_add+0x810/0x1130\n [\u003c000000002827bf98\u003e] i2c_new_client_device+0x359/0x4f0\n [\u003c00000000593bdc85\u003e] of_i2c_register_device+0xf1/0x110\n\nmax9286_v4l2_register() calls v4l2_ctrl_new_std(), but won\u0027t free the\ncreated v412_ctrl when fwnode_graph_get_endpoint_by_id() failed, which\ncauses the memleak. Call v4l2_ctrl_handler_free() to free the v412_ctrl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53700",
"url": "https://www.suse.com/security/cve/CVE-2023-53700"
},
{
"category": "external",
"summary": "SUSE Bug 1252522 for CVE-2023-53700",
"url": "https://bugzilla.suse.com/1252522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53700"
},
{
"cve": "CVE-2023-53704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()\n\nReplace of_iomap() and kzalloc() with devm_of_iomap() and devm_kzalloc()\nwhich can automatically release the related memory when the device\nor driver is removed or unloaded to avoid potential memory leak.\n\nIn this case, iounmap(anatop_base) in line 427,433 are removed\nas manual release is not required.\n\nBesides, referring to clk-imx8mq.c, check the return code of\nof_clk_add_hw_provider, if it returns negtive, print error info\nand unregister hws, which makes the program more robust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53704",
"url": "https://www.suse.com/security/cve/CVE-2023-53704"
},
{
"category": "external",
"summary": "SUSE Bug 1252490 for CVE-2023-53704",
"url": "https://bugzilla.suse.com/1252490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53704"
},
{
"cve": "CVE-2023-53705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix out-of-bounds access in ipv6_find_tlv()\n\noptlen is fetched without checking whether there is more than one byte to parse.\nIt can lead to out-of-bounds access.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53705",
"url": "https://www.suse.com/security/cve/CVE-2023-53705"
},
{
"category": "external",
"summary": "SUSE Bug 1252554 for CVE-2023-53705",
"url": "https://bugzilla.suse.com/1252554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53705"
},
{
"cve": "CVE-2023-53707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix integer overflow in amdgpu_cs_pass1\n\nThe type of size is unsigned int, if size is 0x40000000, there will\nbe an integer overflow, size will be zero after size *= sizeof(uint32_t),\nwill cause uninitialized memory to be referenced later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53707",
"url": "https://www.suse.com/security/cve/CVE-2023-53707"
},
{
"category": "external",
"summary": "SUSE Bug 1252632 for CVE-2023-53707",
"url": "https://bugzilla.suse.com/1252632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53707"
},
{
"cve": "CVE-2023-53708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects\n\nIf a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE`\nobjects while evaluating the AMD LPS0 _DSM, there will be a memory\nleak. Explicitly guard against this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53708",
"url": "https://www.suse.com/security/cve/CVE-2023-53708"
},
{
"category": "external",
"summary": "SUSE Bug 1252537 for CVE-2023-53708",
"url": "https://bugzilla.suse.com/1252537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53708"
},
{
"cve": "CVE-2023-53709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53709"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Handle race between rb_move_tail and rb_check_pages\n\nIt seems a data race between ring_buffer writing and integrity check.\nThat is, RB_FLAG of head_page is been updating, while at same time\nRB_FLAG was cleared when doing integrity check rb_check_pages():\n\n rb_check_pages() rb_handle_head_page():\n -------- --------\n rb_head_page_deactivate()\n rb_head_page_set_normal()\n rb_head_page_activate()\n\nWe do intergrity test of the list to check if the list is corrupted and\nit is still worth doing it. So, let\u0027s refactor rb_check_pages() such that\nwe no longer clear and set flag during the list sanity checking.\n\n[1] and [2] are the test to reproduce and the crash report respectively.\n\n1:\n``` read_trace.sh\n while true;\n do\n # the \"trace\" file is closed after read\n head -1 /sys/kernel/tracing/trace \u003e /dev/null\n done\n```\n``` repro.sh\n sysctl -w kernel.panic_on_warn=1\n # function tracer will writing enough data into ring_buffer\n echo function \u003e /sys/kernel/tracing/current_tracer\n ./read_trace.sh \u0026\n ./read_trace.sh \u0026\n ./read_trace.sh \u0026\n ./read_trace.sh \u0026\n ./read_trace.sh \u0026\n ./read_trace.sh \u0026\n ./read_trace.sh \u0026\n ./read_trace.sh \u0026\n```\n\n2:\n------------[ cut here ]------------\nWARNING: CPU: 9 PID: 62 at kernel/trace/ring_buffer.c:2653\nrb_move_tail+0x450/0x470\nModules linked in:\nCPU: 9 PID: 62 Comm: ksoftirqd/9 Tainted: G W 6.2.0-rc6+\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nrel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\nRIP: 0010:rb_move_tail+0x450/0x470\nCode: ff ff 4c 89 c8 f0 4d 0f b1 02 48 89 c2 48 83 e2 fc 49 39 d0 75 24\n83 e0 03 83 f8 02 0f 84 e1 fb ff ff 48 8b 57 10 f0 ff 42 08 \u003c0f\u003e 0b 83\nf8 02 0f 84 ce fb ff ff e9 db\nRSP: 0018:ffffb5564089bd00 EFLAGS: 00000203\nRAX: 0000000000000000 RBX: ffff9db385a2bf81 RCX: ffffb5564089bd18\nRDX: ffff9db281110100 RSI: 0000000000000fe4 RDI: ffff9db380145400\nRBP: ffff9db385a2bf80 R08: ffff9db385a2bfc0 R09: ffff9db385a2bfc2\nR10: ffff9db385a6c000 R11: ffff9db385a2bf80 R12: 0000000000000000\nR13: 00000000000003e8 R14: ffff9db281110100 R15: ffffffffbb006108\nFS: 0000000000000000(0000) GS:ffff9db3bdcc0000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005602323024c8 CR3: 0000000022e0c000 CR4: 00000000000006e0\nCall Trace:\n \u003cTASK\u003e\n ring_buffer_lock_reserve+0x136/0x360\n ? __do_softirq+0x287/0x2df\n ? __pfx_rcu_softirq_qs+0x10/0x10\n trace_function+0x21/0x110\n ? __pfx_rcu_softirq_qs+0x10/0x10\n ? __do_softirq+0x287/0x2df\n function_trace_call+0xf6/0x120\n 0xffffffffc038f097\n ? rcu_softirq_qs+0x5/0x140\n rcu_softirq_qs+0x5/0x140\n __do_softirq+0x287/0x2df\n run_ksoftirqd+0x2a/0x30\n smpboot_thread_fn+0x188/0x220\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0xe7/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2c/0x50\n \u003c/TASK\u003e\n---[ end trace 0000000000000000 ]---\n\n[ crash report and test reproducer credit goes to Zheng Yejian]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53709",
"url": "https://www.suse.com/security/cve/CVE-2023-53709"
},
{
"category": "external",
"summary": "SUSE Bug 1252532 for CVE-2023-53709",
"url": "https://bugzilla.suse.com/1252532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53709"
},
{
"cve": "CVE-2023-53711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a potential data corruption\n\nWe must ensure that the subrequests are joined back into the head before\nwe can retransmit a request. If the head was not on the commit lists,\nbecause the server wrote it synchronously, we still need to add it back\nto the retransmission list.\nAdd a call that mirrors the effect of nfs_cancel_remove_inode() for\nO_DIRECT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53711",
"url": "https://www.suse.com/security/cve/CVE-2023-53711"
},
{
"category": "external",
"summary": "SUSE Bug 1252536 for CVE-2023-53711",
"url": "https://bugzilla.suse.com/1252536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53711"
},
{
"cve": "CVE-2023-53715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex\n\nApparently the hex passphrase mechanism does not work on newer\nchips/firmware (e.g. BCM4387). It seems there was a simple way of\npassing it in binary all along, so use that and avoid the hexification.\n\nOpenBSD has been doing it like this from the beginning, so this should\nwork on all chips.\n\nAlso clear the structure before setting the PMK. This was leaking\nuninitialized stack contents to the device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53715",
"url": "https://www.suse.com/security/cve/CVE-2023-53715"
},
{
"category": "external",
"summary": "SUSE Bug 1252545 for CVE-2023-53715",
"url": "https://bugzilla.suse.com/1252545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53715"
},
{
"cve": "CVE-2023-53716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53716"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix skb leak in __skb_tstamp_tx()\n\nCommit 50749f2dd685 (\"tcp/udp: Fix memleaks of sk and zerocopy skbs with\nTX timestamp.\") added a call to skb_orphan_frags_rx() to fix leaks with\nzerocopy skbs. But it ended up adding a leak of its own. When\nskb_orphan_frags_rx() fails, the function just returns, leaking the skb\nit just cloned. Free it before returning.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53716",
"url": "https://www.suse.com/security/cve/CVE-2023-53716"
},
{
"category": "external",
"summary": "SUSE Bug 1252494 for CVE-2023-53716",
"url": "https://bugzilla.suse.com/1252494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53716"
},
{
"cve": "CVE-2023-53717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53717"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback()\n\nFix a stack-out-of-bounds write that occurs in a WMI response callback\nfunction that is called after a timeout occurs in ath9k_wmi_cmd().\nThe callback writes to wmi-\u003ecmd_rsp_buf, a stack-allocated buffer that\ncould no longer be valid when a timeout occurs. Set wmi-\u003elast_seq_id to\n0 when a timeout occurred.\n\nFound by a modified version of syzkaller.\n\nBUG: KASAN: stack-out-of-bounds in ath9k_wmi_ctrl_rx\nWrite of size 4\nCall Trace:\n memcpy\n ath9k_wmi_ctrl_rx\n ath9k_htc_rx_msg\n ath9k_hif_usb_reg_in_cb\n __usb_hcd_giveback_urb\n usb_hcd_giveback_urb\n dummy_timer\n call_timer_fn\n run_timer_softirq\n __do_softirq\n irq_exit_rcu\n sysvec_apic_timer_interrupt",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53717",
"url": "https://www.suse.com/security/cve/CVE-2023-53717"
},
{
"category": "external",
"summary": "SUSE Bug 1252560 for CVE-2023-53717",
"url": "https://bugzilla.suse.com/1252560"
},
{
"category": "external",
"summary": "SUSE Bug 1252563 for CVE-2023-53717",
"url": "https://bugzilla.suse.com/1252563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2023-53717"
},
{
"cve": "CVE-2023-53718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Do not swap cpu_buffer during resize process\n\nWhen ring_buffer_swap_cpu was called during resize process,\nthe cpu buffer was swapped in the middle, resulting in incorrect state.\nContinuing to run in the wrong state will result in oops.\n\nThis issue can be easily reproduced using the following two scripts:\n/tmp # cat test1.sh\n//#! /bin/sh\nfor i in `seq 0 100000`\ndo\n echo 2000 \u003e /sys/kernel/debug/tracing/buffer_size_kb\n sleep 0.5\n echo 5000 \u003e /sys/kernel/debug/tracing/buffer_size_kb\n sleep 0.5\ndone\n/tmp # cat test2.sh\n//#! /bin/sh\nfor i in `seq 0 100000`\ndo\n echo irqsoff \u003e /sys/kernel/debug/tracing/current_tracer\n sleep 1\n echo nop \u003e /sys/kernel/debug/tracing/current_tracer\n sleep 1\ndone\n/tmp # ./test1.sh \u0026\n/tmp # ./test2.sh \u0026\n\nA typical oops log is as follows, sometimes with other different oops logs.\n\n[ 231.711293] WARNING: CPU: 0 PID: 9 at kernel/trace/ring_buffer.c:2026 rb_update_pages+0x378/0x3f8\n[ 231.713375] Modules linked in:\n[ 231.714735] CPU: 0 PID: 9 Comm: kworker/0:1 Tainted: G W 6.5.0-rc1-00276-g20edcec23f92 #15\n[ 231.716750] Hardware name: linux,dummy-virt (DT)\n[ 231.718152] Workqueue: events update_pages_handler\n[ 231.719714] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 231.721171] pc : rb_update_pages+0x378/0x3f8\n[ 231.722212] lr : rb_update_pages+0x25c/0x3f8\n[ 231.723248] sp : ffff800082b9bd50\n[ 231.724169] x29: ffff800082b9bd50 x28: ffff8000825f7000 x27: 0000000000000000\n[ 231.726102] x26: 0000000000000001 x25: fffffffffffff010 x24: 0000000000000ff0\n[ 231.728122] x23: ffff0000c3a0b600 x22: ffff0000c3a0b5c0 x21: fffffffffffffe0a\n[ 231.730203] x20: ffff0000c3a0b600 x19: ffff0000c0102400 x18: 0000000000000000\n[ 231.732329] x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffe7aa8510\n[ 231.734212] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000002\n[ 231.736291] x11: ffff8000826998a8 x10: ffff800082b9baf0 x9 : ffff800081137558\n[ 231.738195] x8 : fffffc00030e82c8 x7 : 0000000000000000 x6 : 0000000000000001\n[ 231.740192] x5 : ffff0000ffbafe00 x4 : 0000000000000000 x3 : 0000000000000000\n[ 231.742118] x2 : 00000000000006aa x1 : 0000000000000001 x0 : ffff0000c0007208\n[ 231.744196] Call trace:\n[ 231.744892] rb_update_pages+0x378/0x3f8\n[ 231.745893] update_pages_handler+0x1c/0x38\n[ 231.746893] process_one_work+0x1f0/0x468\n[ 231.747852] worker_thread+0x54/0x410\n[ 231.748737] kthread+0x124/0x138\n[ 231.749549] ret_from_fork+0x10/0x20\n[ 231.750434] ---[ end trace 0000000000000000 ]---\n[ 233.720486] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 233.721696] Mem abort info:\n[ 233.721935] ESR = 0x0000000096000004\n[ 233.722283] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 233.722596] SET = 0, FnV = 0\n[ 233.722805] EA = 0, S1PTW = 0\n[ 233.723026] FSC = 0x04: level 0 translation fault\n[ 233.723458] Data abort info:\n[ 233.723734] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 233.724176] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 233.724589] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 233.725075] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000104943000\n[ 233.725592] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n[ 233.726231] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 233.726720] Modules linked in:\n[ 233.727007] CPU: 0 PID: 9 Comm: kworker/0:1 Tainted: G W 6.5.0-rc1-00276-g20edcec23f92 #15\n[ 233.727777] Hardware name: linux,dummy-virt (DT)\n[ 233.728225] Workqueue: events update_pages_handler\n[ 233.728655] pstate: 200000c5 (nzCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 233.729054] pc : rb_update_pages+0x1a8/0x3f8\n[ 233.729334] lr : rb_update_pages+0x154/0x3f8\n[ 233.729592] sp : ffff800082b9bd50\n[ 233.729792] x29: ffff800082b9bd50 x28: ffff8000825f7000 x27: 00000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53718",
"url": "https://www.suse.com/security/cve/CVE-2023-53718"
},
{
"category": "external",
"summary": "SUSE Bug 1252564 for CVE-2023-53718",
"url": "https://bugzilla.suse.com/1252564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53718"
},
{
"cve": "CVE-2023-53719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: arc_uart: fix of_iomap leak in `arc_serial_probe`\n\nSmatch reports:\n\ndrivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn:\n\u0027port-\u003emembase\u0027 from of_iomap() not released on lines: 631.\n\nIn arc_serial_probe(), if uart_add_one_port() fails,\nport-\u003emembase is not released, which would cause a resource leak.\n\nTo fix this, I replace of_iomap with devm_platform_ioremap_resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53719",
"url": "https://www.suse.com/security/cve/CVE-2023-53719"
},
{
"category": "external",
"summary": "SUSE Bug 1252501 for CVE-2023-53719",
"url": "https://bugzilla.suse.com/1252501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53719"
},
{
"cve": "CVE-2023-53722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53722"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: raid1: fix potential OOB in raid1_remove_disk()\n\nIf rddev-\u003eraid_disk is greater than mddev-\u003eraid_disks, there will be\nan out-of-bounds in raid1_remove_disk(). We have already found\nsimilar reports as follows:\n\n1) commit d17f744e883b (\"md-raid10: fix KASAN warning\")\n2) commit 1ebc2cec0b7d (\"dm raid: fix KASAN warning in raid5_remove_disk\")\n\nFix this bug by checking whether the \"number\" variable is\nvalid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53722",
"url": "https://www.suse.com/security/cve/CVE-2023-53722"
},
{
"category": "external",
"summary": "SUSE Bug 1252499 for CVE-2023-53722",
"url": "https://bugzilla.suse.com/1252499"
},
{
"category": "external",
"summary": "SUSE Bug 1252500 for CVE-2023-53722",
"url": "https://bugzilla.suse.com/1252500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2023-53722"
},
{
"cve": "CVE-2023-53723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend\n\nsdma_v4_0_ip is shared on a few asics, but in sdma_v4_0_hw_fini,\ndriver unconditionally disables ecc_irq which is only enabled on\nthose asics enabling sdma ecc. This will introduce a warning in\nsuspend cycle on those chips with sdma ip v4.0, while without\nsdma ecc. So this patch correct this.\n\n[ 7283.166354] RIP: 0010:amdgpu_irq_put+0x45/0x70 [amdgpu]\n[ 7283.167001] RSP: 0018:ffff9a5fc3967d08 EFLAGS: 00010246\n[ 7283.167019] RAX: ffff98d88afd3770 RBX: 0000000000000001 RCX: 0000000000000000\n[ 7283.167023] RDX: 0000000000000000 RSI: ffff98d89da30390 RDI: ffff98d89da20000\n[ 7283.167025] RBP: ffff98d89da20000 R08: 0000000000036838 R09: 0000000000000006\n[ 7283.167028] R10: ffffd5764243c008 R11: 0000000000000000 R12: ffff98d89da30390\n[ 7283.167030] R13: ffff98d89da38978 R14: ffffffff999ae15a R15: ffff98d880130105\n[ 7283.167032] FS: 0000000000000000(0000) GS:ffff98d996f00000(0000) knlGS:0000000000000000\n[ 7283.167036] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 7283.167039] CR2: 00000000f7a9d178 CR3: 00000001c42ea000 CR4: 00000000003506e0\n[ 7283.167041] Call Trace:\n[ 7283.167046] \u003cTASK\u003e\n[ 7283.167048] sdma_v4_0_hw_fini+0x38/0xa0 [amdgpu]\n[ 7283.167704] amdgpu_device_ip_suspend_phase2+0x101/0x1a0 [amdgpu]\n[ 7283.168296] amdgpu_device_suspend+0x103/0x180 [amdgpu]\n[ 7283.168875] amdgpu_pmops_freeze+0x21/0x60 [amdgpu]\n[ 7283.169464] pci_pm_freeze+0x54/0xc0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53723",
"url": "https://www.suse.com/security/cve/CVE-2023-53723"
},
{
"category": "external",
"summary": "SUSE Bug 1252634 for CVE-2023-53723",
"url": "https://bugzilla.suse.com/1252634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53723"
},
{
"cve": "CVE-2023-53724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()\n\n`req` is allocated in pcf50633_adc_async_read(), but\nadc_enqueue_request() could fail to insert the `req` into queue.\nWe need to check the return value and free it in the case of failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53724",
"url": "https://www.suse.com/security/cve/CVE-2023-53724"
},
{
"category": "external",
"summary": "SUSE Bug 1252497 for CVE-2023-53724",
"url": "https://bugzilla.suse.com/1252497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53724"
},
{
"cve": "CVE-2023-53725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe\n\nSmatch reports:\ndrivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe()\nwarn: \u0027timer_baseaddr\u0027 from of_iomap() not released on lines: 498,508,516.\n\ntimer_baseaddr may have the problem of not being released after use,\nI replaced it with the devm_of_iomap() function and added the clk_put()\nfunction to cleanup the \"clk_ce\" and \"clk_cs\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53725",
"url": "https://www.suse.com/security/cve/CVE-2023-53725"
},
{
"category": "external",
"summary": "SUSE Bug 1252492 for CVE-2023-53725",
"url": "https://bugzilla.suse.com/1252492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2023-53725"
},
{
"cve": "CVE-2023-53726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: csum: Fix OoB access in IP checksum code for negative lengths\n\nAlthough commit c2c24edb1d9c (\"arm64: csum: Fix pathological zero-length\ncalls\") added an early return for zero-length input, syzkaller has\npopped up with an example of a _negative_ length which causes an\nundefined shift and an out-of-bounds read:\n\n | BUG: KASAN: slab-out-of-bounds in do_csum+0x44/0x254 arch/arm64/lib/csum.c:39\n | Read of size 4294966928 at addr ffff0000d7ac0170 by task syz-executor412/5975\n |\n | CPU: 0 PID: 5975 Comm: syz-executor412 Not tainted 6.4.0-rc4-syzkaller-g908f31f2a05b #0\n | Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023\n | Call trace:\n | dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233\n | show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240\n | __dump_stack lib/dump_stack.c:88 [inline]\n | dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106\n | print_address_description mm/kasan/report.c:351 [inline]\n | print_report+0x174/0x514 mm/kasan/report.c:462\n | kasan_report+0xd4/0x130 mm/kasan/report.c:572\n | kasan_check_range+0x264/0x2a4 mm/kasan/generic.c:187\n | __kasan_check_read+0x20/0x30 mm/kasan/shadow.c:31\n | do_csum+0x44/0x254 arch/arm64/lib/csum.c:39\n | csum_partial+0x30/0x58 lib/checksum.c:128\n | gso_make_checksum include/linux/skbuff.h:4928 [inline]\n | __udp_gso_segment+0xaf4/0x1bc4 net/ipv4/udp_offload.c:332\n | udp6_ufo_fragment+0x540/0xca0 net/ipv6/udp_offload.c:47\n | ipv6_gso_segment+0x5cc/0x1760 net/ipv6/ip6_offload.c:119\n | skb_mac_gso_segment+0x2b4/0x5b0 net/core/gro.c:141\n | __skb_gso_segment+0x250/0x3d0 net/core/dev.c:3401\n | skb_gso_segment include/linux/netdevice.h:4859 [inline]\n | validate_xmit_skb+0x364/0xdbc net/core/dev.c:3659\n | validate_xmit_skb_list+0x94/0x130 net/core/dev.c:3709\n | sch_direct_xmit+0xe8/0x548 net/sched/sch_generic.c:327\n | __dev_xmit_skb net/core/dev.c:3805 [inline]\n | __dev_queue_xmit+0x147c/0x3318 net/core/dev.c:4210\n | dev_queue_xmit include/linux/netdevice.h:3085 [inline]\n | packet_xmit+0x6c/0x318 net/packet/af_packet.c:276\n | packet_snd net/packet/af_packet.c:3081 [inline]\n | packet_sendmsg+0x376c/0x4c98 net/packet/af_packet.c:3113\n | sock_sendmsg_nosec net/socket.c:724 [inline]\n | sock_sendmsg net/socket.c:747 [inline]\n | __sys_sendto+0x3b4/0x538 net/socket.c:2144\n\nExtend the early return to reject negative lengths as well, aligning our\nimplementation with the generic code in lib/checksum.c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53726",
"url": "https://www.suse.com/security/cve/CVE-2023-53726"
},
{
"category": "external",
"summary": "SUSE Bug 1252565 for CVE-2023-53726",
"url": "https://bugzilla.suse.com/1252565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53726"
},
{
"cve": "CVE-2023-53730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost\n\nadjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled\nwhen unlock. DEADLOCK might happen if we have held other locks and disabled\nIRQ before invoking it.\n\nFix it by using spin_lock_irqsave() instead, which can keep IRQ state\nconsistent with before when unlock.\n\n ================================\n WARNING: inconsistent lock state\n 5.10.0-02758-g8e5f91fd772f #26 Not tainted\n --------------------------------\n inconsistent {IN-HARDIRQ-W} -\u003e {HARDIRQ-ON-W} usage.\n kworker/2:3/388 [HC0[0]:SC0[0]:HE0:SE1] takes:\n ffff888118c00c28 (\u0026bfqd-\u003elock){?.-.}-{2:2}, at: spin_lock_irq\n ffff888118c00c28 (\u0026bfqd-\u003elock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390\n {IN-HARDIRQ-W} state was registered at:\n __lock_acquire+0x3d7/0x1070\n lock_acquire+0x197/0x4a0\n __raw_spin_lock_irqsave\n _raw_spin_lock_irqsave+0x3b/0x60\n bfq_idle_slice_timer_body\n bfq_idle_slice_timer+0x53/0x1d0\n __run_hrtimer+0x477/0xa70\n __hrtimer_run_queues+0x1c6/0x2d0\n hrtimer_interrupt+0x302/0x9e0\n local_apic_timer_interrupt\n __sysvec_apic_timer_interrupt+0xfd/0x420\n run_sysvec_on_irqstack_cond\n sysvec_apic_timer_interrupt+0x46/0xa0\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n irq event stamp: 837522\n hardirqs last enabled at (837521): [\u003cffffffff84b9419d\u003e] __raw_spin_unlock_irqrestore\n hardirqs last enabled at (837521): [\u003cffffffff84b9419d\u003e] _raw_spin_unlock_irqrestore+0x3d/0x40\n hardirqs last disabled at (837522): [\u003cffffffff84b93fa3\u003e] __raw_spin_lock_irq\n hardirqs last disabled at (837522): [\u003cffffffff84b93fa3\u003e] _raw_spin_lock_irq+0x43/0x50\n softirqs last enabled at (835852): [\u003cffffffff84e00558\u003e] __do_softirq+0x558/0x8ec\n softirqs last disabled at (835845): [\u003cffffffff84c010ff\u003e] asm_call_irq_on_stack+0xf/0x20\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026bfqd-\u003elock);\n \u003cInterrupt\u003e\n lock(\u0026bfqd-\u003elock);\n\n *** DEADLOCK ***\n\n 3 locks held by kworker/2:3/388:\n #0: ffff888107af0f38 ((wq_completion)kthrotld){+.+.}-{0:0}, at: process_one_work+0x742/0x13f0\n #1: ffff8881176bfdd8 ((work_completion)(\u0026td-\u003edispatch_work)){+.+.}-{0:0}, at: process_one_work+0x777/0x13f0\n #2: ffff888118c00c28 (\u0026bfqd-\u003elock){?.-.}-{2:2}, at: spin_lock_irq\n #2: ffff888118c00c28 (\u0026bfqd-\u003elock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390\n\n stack backtrace:\n CPU: 2 PID: 388 Comm: kworker/2:3 Not tainted 5.10.0-02758-g8e5f91fd772f #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n Workqueue: kthrotld blk_throtl_dispatch_work_fn\n Call Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x107/0x167\n print_usage_bug\n valid_state\n mark_lock_irq.cold+0x32/0x3a\n mark_lock+0x693/0xbc0\n mark_held_locks+0x9e/0xe0\n __trace_hardirqs_on_caller\n lockdep_hardirqs_on_prepare.part.0+0x151/0x360\n trace_hardirqs_on+0x5b/0x180\n __raw_spin_unlock_irq\n _raw_spin_unlock_irq+0x24/0x40\n spin_unlock_irq\n adjust_inuse_and_calc_cost+0x4fb/0x970\n ioc_rqos_merge+0x277/0x740\n __rq_qos_merge+0x62/0xb0\n rq_qos_merge\n bio_attempt_back_merge+0x12c/0x4a0\n blk_mq_sched_try_merge+0x1b6/0x4d0\n bfq_bio_merge+0x24a/0x390\n __blk_mq_sched_bio_merge+0xa6/0x460\n blk_mq_sched_bio_merge\n blk_mq_submit_bio+0x2e7/0x1ee0\n __submit_bio_noacct_mq+0x175/0x3b0\n submit_bio_noacct+0x1fb/0x270\n blk_throtl_dispatch_work_fn+0x1ef/0x2b0\n process_one_work+0x83e/0x13f0\n process_scheduled_works\n worker_thread+0x7e3/0xd80\n kthread+0x353/0x470\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53730",
"url": "https://www.suse.com/security/cve/CVE-2023-53730"
},
{
"category": "external",
"summary": "SUSE Bug 1252495 for CVE-2023-53730",
"url": "https://bugzilla.suse.com/1252495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-53730"
},
{
"cve": "CVE-2023-7324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses\n\nSanitize possible addl_desc_ptr out-of-bounds accesses in\nses_enclosure_data_process().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7324",
"url": "https://www.suse.com/security/cve/CVE-2023-7324"
},
{
"category": "external",
"summary": "SUSE Bug 1252893 for CVE-2023-7324",
"url": "https://bugzilla.suse.com/1252893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-7324"
},
{
"cve": "CVE-2025-37885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn\u0027t postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn\u0027t freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37885",
"url": "https://www.suse.com/security/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "SUSE Bug 1242960 for CVE-2025-37885",
"url": "https://bugzilla.suse.com/1242960"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-37885"
},
{
"cve": "CVE-2025-38084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38084"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: unshare page tables during VMA split, not before\n\nCurrently, __split_vma() triggers hugetlb page table unsharing through\nvm_ops-\u003emay_split(). This happens before the VMA lock and rmap locks are\ntaken - which is too early, it allows racing VMA-locked page faults in our\nprocess and racing rmap walks from other processes to cause page tables to\nbe shared again before we actually perform the split.\n\nFix it by explicitly calling into the hugetlb unshare logic from\n__split_vma() in the same place where THP splitting also happens. At that\npoint, both the VMA and the rmap(s) are write-locked.\n\nAn annoying detail is that we can now call into the helper\nhugetlb_unshare_pmds() from two different locking contexts:\n\n1. from hugetlb_split(), holding:\n - mmap lock (exclusively)\n - VMA lock\n - file rmap lock (exclusively)\n2. hugetlb_unshare_all_pmds(), which I think is designed to be able to\n call us with only the mmap lock held (in shared mode), but currently\n only runs while holding mmap lock (exclusively) and VMA lock\n\nBackporting note:\nThis commit fixes a racy protection that was introduced in commit\nb30c14cd6102 (\"hugetlb: unshare some PMDs when splitting VMAs\"); that\ncommit claimed to fix an issue introduced in 5.13, but it should actually\nalso go all the way back.\n\n[jannh@google.com: v2]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38084",
"url": "https://www.suse.com/security/cve/CVE-2025-38084"
},
{
"category": "external",
"summary": "SUSE Bug 1245498 for CVE-2025-38084",
"url": "https://bugzilla.suse.com/1245498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-38084"
},
{
"cve": "CVE-2025-38085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race\n\nhuge_pmd_unshare() drops a reference on a page table that may have\npreviously been shared across processes, potentially turning it into a\nnormal page table used in another process in which unrelated VMAs can\nafterwards be installed.\n\nIf this happens in the middle of a concurrent gup_fast(), gup_fast() could\nend up walking the page tables of another process. While I don\u0027t see any\nway in which that immediately leads to kernel memory corruption, it is\nreally weird and unexpected.\n\nFix it with an explicit broadcast IPI through tlb_remove_table_sync_one(),\njust like we do in khugepaged when removing page tables for a THP\ncollapse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38085",
"url": "https://www.suse.com/security/cve/CVE-2025-38085"
},
{
"category": "external",
"summary": "SUSE Bug 1245499 for CVE-2025-38085",
"url": "https://bugzilla.suse.com/1245499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-38085"
},
{
"cve": "CVE-2025-38476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38476"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpl: Fix use-after-free in rpl_do_srh_inline().\n\nRunning lwt_dst_cache_ref_loop.sh in selftest with KASAN triggers\nthe splat below [0].\n\nrpl_do_srh_inline() fetches ipv6_hdr(skb) and accesses it after\nskb_cow_head(), which is illegal as the header could be freed then.\n\nLet\u0027s fix it by making oldhdr to a local struct instead of a pointer.\n\n[0]:\n[root@fedora net]# ./lwt_dst_cache_ref_loop.sh\n...\nTEST: rpl (input)\n[ 57.631529] ==================================================================\nBUG: KASAN: slab-use-after-free in rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\nRead of size 40 at addr ffff888122bf96d8 by task ping6/1543\n\nCPU: 50 UID: 0 PID: 1543 Comm: ping6 Not tainted 6.16.0-rc5-01302-gfadd1e6231b1 #23 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:122)\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\n kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n kasan_check_range (mm/kasan/generic.c:175 (discriminator 1) mm/kasan/generic.c:189 (discriminator 1))\n __asan_memmove (mm/kasan/shadow.c:94 (discriminator 2))\n rpl_do_srh_inline.isra.0 (net/ipv6/rpl_iptunnel.c:174)\n rpl_input (net/ipv6/rpl_iptunnel.c:201 net/ipv6/rpl_iptunnel.c:282)\n lwtunnel_input (net/core/lwtunnel.c:459)\n ipv6_rcv (./include/net/dst.h:471 (discriminator 1) ./include/net/dst.h:469 (discriminator 1) net/ipv6/ip6_input.c:79 (discriminator 1) ./include/linux/netfilter.h:317 (discriminator 1) ./include/linux/netfilter.h:311 (discriminator 1) net/ipv6/ip6_input.c:311 (discriminator 1))\n __netif_receive_skb_one_core (net/core/dev.c:5967)\n process_backlog (./include/linux/rcupdate.h:869 net/core/dev.c:6440)\n __napi_poll.constprop.0 (net/core/dev.c:7452)\n net_rx_action (net/core/dev.c:7518 net/core/dev.c:7643)\n handle_softirqs (kernel/softirq.c:579)\n do_softirq (kernel/softirq.c:480 (discriminator 20))\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:407)\n __dev_queue_xmit (net/core/dev.c:4740)\n ip6_finish_output2 (./include/linux/netdevice.h:3358 ./include/net/neighbour.h:526 ./include/net/neighbour.h:540 net/ipv6/ip6_output.c:141)\n ip6_finish_output (net/ipv6/ip6_output.c:215 net/ipv6/ip6_output.c:226)\n ip6_output (./include/linux/netfilter.h:306 net/ipv6/ip6_output.c:248)\n ip6_send_skb (net/ipv6/ip6_output.c:1983)\n rawv6_sendmsg (net/ipv6/raw.c:588 net/ipv6/raw.c:918)\n __sys_sendto (net/socket.c:714 (discriminator 1) net/socket.c:729 (discriminator 1) net/socket.c:2228 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2231)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nRIP: 0033:0x7f68cffb2a06\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\nRSP: 002b:00007ffefb7c53d0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000564cd69f10a0 RCX: 00007f68cffb2a06\nRDX: 0000000000000040 RSI: 0000564cd69f10a4 RDI: 0000000000000003\nRBP: 00007ffefb7c53f0 R08: 0000564cd6a032ac R09: 000000000000001c\nR10: 0000000000000000 R11: 0000000000000202 R12: 0000564cd69f10a4\nR13: 0000000000000040 R14: 00007ffefb7c66e0 R15: 0000564cd69f10a0\n \u003c/TASK\u003e\n\nAllocated by task 1543:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\n __kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\n kmem_cache_alloc_node_noprof (./include/linux/kasan.h:250 mm/slub.c:4148 mm/slub.c:4197 mm/slub.c:4249)\n kmalloc_reserve (net/core/skbuff.c:581 (discriminator 88))\n __alloc_skb (net/core/skbuff.c:669)\n __ip6_append_data (net/ipv6/ip6_output.c:1672 (discriminator 1))\n ip6_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38476",
"url": "https://www.suse.com/security/cve/CVE-2025-38476"
},
{
"category": "external",
"summary": "SUSE Bug 1247317 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1247317"
},
{
"category": "external",
"summary": "SUSE Bug 1251203 for CVE-2025-38476",
"url": "https://bugzilla.suse.com/1251203"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2025-38476"
},
{
"cve": "CVE-2025-39742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()\n\nThe function divides number of online CPUs by num_core_siblings, and\nlater checks the divider by zero. This implies a possibility to get\nand divide-by-zero runtime error. Fix it by moving the check prior to\ndivision. This also helps to save one indentation level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39742",
"url": "https://www.suse.com/security/cve/CVE-2025-39742"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1249479 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249479"
},
{
"category": "external",
"summary": "SUSE Bug 1249480 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1249480"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-39742",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2025-39742"
},
{
"cve": "CVE-2025-39797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Duplicate SPI Handling\n\nThe issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI\nNetlink message, which triggers the kernel function xfrm_alloc_spi().\nThis function is expected to ensure uniqueness of the Security Parameter\nIndex (SPI) for inbound Security Associations (SAs). However, it can\nreturn success even when the requested SPI is already in use, leading\nto duplicate SPIs assigned to multiple inbound SAs, differentiated\nonly by their destination addresses.\n\nThis behavior causes inconsistencies during SPI lookups for inbound packets.\nSince the lookup may return an arbitrary SA among those with the same SPI,\npacket processing can fail, resulting in packet drops.\n\nAccording to RFC 4301 section 4.4.2 , for inbound processing a unicast SA\nis uniquely identified by the SPI and optionally protocol.\n\nReproducing the Issue Reliably:\nTo consistently reproduce the problem, restrict the available SPI range in\ncharon.conf : spi_min = 0x10000000 spi_max = 0x10000002\nThis limits the system to only 2 usable SPI values.\nNext, create more than 2 Child SA. each using unique pair of src/dst address.\nAs soon as the 3rd Child SA is initiated, it will be assigned a duplicate\nSPI, since the SPI pool is already exhausted.\nWith a narrow SPI range, the issue is consistently reproducible.\nWith a broader/default range, it becomes rare and unpredictable.\n\nCurrent implementation:\nxfrm_spi_hash() lookup function computes hash using daddr, proto, and family.\nSo if two SAs have the same SPI but different destination addresses, then\nthey will:\na. Hash into different buckets\nb. Be stored in different linked lists (byspi + h)\nc. Not be seen in the same hlist_for_each_entry_rcu() iteration.\nAs a result, the lookup will result in NULL and kernel allows that Duplicate SPI\n\nProposed Change:\nxfrm_state_lookup_spi_proto() does a truly global search - across all states,\nregardless of hash bucket and matches SPI and proto.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39797",
"url": "https://www.suse.com/security/cve/CVE-2025-39797"
},
{
"category": "external",
"summary": "SUSE Bug 1249608 for CVE-2025-39797",
"url": "https://bugzilla.suse.com/1249608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-39797"
},
{
"cve": "CVE-2025-39945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncnic: Fix use-after-free bugs in cnic_delete_task\n\nThe original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(),\nwhich does not guarantee that the delayed work item \u0027delete_task\u0027 has\nfully completed if it was already running. Additionally, the delayed work\nitem is cyclic, the flush_workqueue() in cnic_cm_stop_bnx2x_hw() only\nblocks and waits for work items that were already queued to the\nworkqueue prior to its invocation. Any work items submitted after\nflush_workqueue() is called are not included in the set of tasks that the\nflush operation awaits. This means that after the cyclic work items have\nfinished executing, a delayed work item may still exist in the workqueue.\nThis leads to use-after-free scenarios where the cnic_dev is deallocated\nby cnic_free_dev(), while delete_task remains active and attempt to\ndereference cnic_dev in cnic_delete_task().\n\nA typical race condition is illustrated below:\n\nCPU 0 (cleanup) | CPU 1 (delayed work callback)\ncnic_netdev_event() |\n cnic_stop_hw() | cnic_delete_task()\n cnic_cm_stop_bnx2x_hw() | ...\n cancel_delayed_work() | /* the queue_delayed_work()\n flush_workqueue() | executes after flush_workqueue()*/\n | queue_delayed_work()\n cnic_free_dev(dev)//free | cnic_delete_task() //new instance\n | dev = cp-\u003edev; //use\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the cyclic delayed work item is properly canceled and that any\nongoing execution of the work item completes before the cnic_dev is\ndeallocated. Furthermore, since cancel_delayed_work_sync() uses\n__flush_work(work, true) to synchronously wait for any currently\nexecuting instance of the work item to finish, the flush_workqueue()\nbecomes redundant and should be removed.\n\nThis bug was identified through static analysis. To reproduce the issue\nand validate the fix, I simulated the cnic PCI device in QEMU and\nintroduced intentional delays - such as inserting calls to ssleep()\nwithin the cnic_delete_task() function - to increase the likelihood\nof triggering the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39945",
"url": "https://www.suse.com/security/cve/CVE-2025-39945"
},
{
"category": "external",
"summary": "SUSE Bug 1251230 for CVE-2025-39945",
"url": "https://bugzilla.suse.com/1251230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-39945"
},
{
"cve": "CVE-2025-39965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: xfrm_alloc_spi shouldn\u0027t use 0 as SPI\n\nx-\u003eid.spi == 0 means \"no SPI assigned\", but since commit\n94f39804d891 (\"xfrm: Duplicate SPI Handling\"), we now create states\nand add them to the byspi list with this value.\n\n__xfrm_state_delete doesn\u0027t remove those states from the byspi list,\nsince they shouldn\u0027t be there, and this shows up as a UAF the next\ntime we go through the byspi list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39965",
"url": "https://www.suse.com/security/cve/CVE-2025-39965"
},
{
"category": "external",
"summary": "SUSE Bug 1251967 for CVE-2025-39965",
"url": "https://bugzilla.suse.com/1251967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-39965"
},
{
"cve": "CVE-2025-39967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbcon: fix integer overflow in fbcon_do_set_font\n\nFix integer overflow vulnerabilities in fbcon_do_set_font() where font\nsize calculations could overflow when handling user-controlled font\nparameters.\n\nThe vulnerabilities occur when:\n1. CALC_FONTSZ(h, pitch, charcount) performs h * pith * charcount\n multiplication with user-controlled values that can overflow.\n2. FONT_EXTRA_WORDS * sizeof(int) + size addition can also overflow\n3. This results in smaller allocations than expected, leading to buffer\n overflows during font data copying.\n\nAdd explicit overflow checking using check_mul_overflow() and\ncheck_add_overflow() kernel helpers to safety validate all size\ncalculations before allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39967",
"url": "https://www.suse.com/security/cve/CVE-2025-39967"
},
{
"category": "external",
"summary": "SUSE Bug 1252033 for CVE-2025-39967",
"url": "https://bugzilla.suse.com/1252033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-39967"
},
{
"cve": "CVE-2025-39968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: add max boundary check for VF filters\n\nThere is no check for max filters that VF can request. Add it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39968",
"url": "https://www.suse.com/security/cve/CVE-2025-39968"
},
{
"category": "external",
"summary": "SUSE Bug 1252047 for CVE-2025-39968",
"url": "https://bugzilla.suse.com/1252047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "low"
}
],
"title": "CVE-2025-39968"
},
{
"cve": "CVE-2025-39973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: add validation for ring_len param\n\nThe `ring_len` parameter provided by the virtual function (VF)\nis assigned directly to the hardware memory context (HMC) without\nany validation.\n\nTo address this, introduce an upper boundary check for both Tx and Rx\nqueue lengths. The maximum number of descriptors supported by the\nhardware is 8k-32.\nAdditionally, enforce alignment constraints: Tx rings must be a multiple\nof 8, and Rx rings must be a multiple of 32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39973",
"url": "https://www.suse.com/security/cve/CVE-2025-39973"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-39973",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1252035 for CVE-2025-39973",
"url": "https://bugzilla.suse.com/1252035"
},
{
"category": "external",
"summary": "SUSE Bug 1252036 for CVE-2025-39973",
"url": "https://bugzilla.suse.com/1252036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2025-39973"
},
{
"cve": "CVE-2025-39978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: Fix potential use after free in otx2_tc_add_flow()\n\nThis code calls kfree_rcu(new_node, rcu) and then dereferences \"new_node\"\nand then dereferences it on the next line. Two lines later, we take\na mutex so I don\u0027t think this is an RCU safe region. Re-order it to do\nthe dereferences before queuing up the free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39978",
"url": "https://www.suse.com/security/cve/CVE-2025-39978"
},
{
"category": "external",
"summary": "SUSE Bug 1252069 for CVE-2025-39978",
"url": "https://bugzilla.suse.com/1252069"
},
{
"category": "external",
"summary": "SUSE Bug 1252071 for CVE-2025-39978",
"url": "https://bugzilla.suse.com/1252071"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2025-39978"
},
{
"cve": "CVE-2025-39981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix possible UAFs\n\nThis attemps to fix possible UAFs caused by struct mgmt_pending being\nfreed while still being processed like in the following trace, in order\nto fix mgmt_pending_valid is introduce and use to check if the\nmgmt_pending hasn\u0027t been removed from the pending list, on the complete\ncallbacks it is used to check and in addtion remove the cmd from the list\nwhile holding mgmt_pending_lock to avoid TOCTOU problems since if the cmd\nis left on the list it can still be accessed and freed.\n\nBUG: KASAN: slab-use-after-free in mgmt_add_adv_patterns_monitor_sync+0x35/0x50 net/bluetooth/mgmt.c:5223\nRead of size 8 at addr ffff8880709d4dc0 by task kworker/u11:0/55\n\nCPU: 0 UID: 0 PID: 55 Comm: kworker/u11:0 Not tainted 6.16.4 #2 PREEMPT(full)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n mgmt_add_adv_patterns_monitor_sync+0x35/0x50 net/bluetooth/mgmt.c:5223\n hci_cmd_sync_work+0x210/0x3a0 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3238 [inline]\n process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n kthread+0x711/0x8a0 kernel/kthread.c:464\n ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 home/kwqcheii/source/fuzzing/kernel/kasan/linux-6.16.4/arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nAllocated by task 12210:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4364\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n mgmt_pending_new+0x65/0x1e0 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x35/0x140 net/bluetooth/mgmt_util.c:296\n __add_adv_patterns_monitor+0x130/0x200 net/bluetooth/mgmt.c:5247\n add_adv_patterns_monitor+0x214/0x360 net/bluetooth/mgmt.c:5364\n hci_mgmt_cmd+0x9c9/0xef0 net/bluetooth/hci_sock.c:1719\n hci_sock_sendmsg+0x6ca/0xef0 net/bluetooth/hci_sock.c:1839\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:729\n sock_write_iter+0x258/0x330 net/socket.c:1133\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x5c9/0xb30 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 12221:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2381 [inline]\n slab_free mm/slub.c:4648 [inline]\n kfree+0x18e/0x440 mm/slub.c:4847\n mgmt_pending_free net/bluetooth/mgmt_util.c:311 [inline]\n mgmt_pending_foreach+0x30d/0x380 net/bluetooth/mgmt_util.c:257\n __mgmt_power_off+0x169/0x350 net/bluetooth/mgmt.c:9444\n hci_dev_close_sync+0x754/0x1330 net/bluetooth/hci_sync.c:5290\n hci_dev_do_close net/bluetooth/hci_core.c:501 [inline]\n hci_dev_close+0x108/0x200 net/bluetooth/hci_core.c:526\n sock_do_ioctl+0xd9/0x300 net/socket.c:1192\n sock_ioctl+0x576/0x790 net/socket.c:1313\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39981",
"url": "https://www.suse.com/security/cve/CVE-2025-39981"
},
{
"category": "external",
"summary": "SUSE Bug 1252060 for CVE-2025-39981",
"url": "https://bugzilla.suse.com/1252060"
},
{
"category": "external",
"summary": "SUSE Bug 1252061 for CVE-2025-39981",
"url": "https://bugzilla.suse.com/1252061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2025-39981"
},
{
"cve": "CVE-2025-40018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: Defer ip_vs_ftp unregister during netns cleanup\n\nOn the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp\nbefore connections with valid cp-\u003eapp pointers are flushed, leading to a\nuse-after-free.\n\nFix this by introducing a global `exiting_module` flag, set to true in\nip_vs_ftp_exit() before unregistering the pernet subsystem. In\n__ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns\ncleanup (when exiting_module is false) and defer it to\n__ip_vs_cleanup_batch(), which unregisters all apps after all connections\nare flushed. If called during module exit, unregister ip_vs_ftp\nimmediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40018",
"url": "https://www.suse.com/security/cve/CVE-2025-40018"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-40018",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1252688 for CVE-2025-40018",
"url": "https://bugzilla.suse.com/1252688"
},
{
"category": "external",
"summary": "SUSE Bug 1252689 for CVE-2025-40018",
"url": "https://bugzilla.suse.com/1252689"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-40018",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "important"
}
],
"title": "CVE-2025-40018"
},
{
"cve": "CVE-2025-40044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: udf: fix OOB read in lengthAllocDescs handling\n\nWhen parsing Allocation Extent Descriptor, lengthAllocDescs comes from\non-disk data and must be validated against the block size. Crafted or\ncorrupted images may set lengthAllocDescs so that the total descriptor\nlength (sizeof(allocExtDesc) + lengthAllocDescs) exceeds the buffer,\nleading udf_update_tag() to call crc_itu_t() on out-of-bounds memory and\ntrigger a KASAN use-after-free read.\n\nBUG: KASAN: use-after-free in crc_itu_t+0x1d5/0x2b0 lib/crc-itu-t.c:60\nRead of size 1 at addr ffff888041e7d000 by task syz-executor317/5309\n\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor317 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n crc_itu_t+0x1d5/0x2b0 lib/crc-itu-t.c:60\n udf_update_tag+0x70/0x6a0 fs/udf/misc.c:261\n udf_write_aext+0x4d8/0x7b0 fs/udf/inode.c:2179\n extent_trunc+0x2f7/0x4a0 fs/udf/truncate.c:46\n udf_truncate_tail_extent+0x527/0x7e0 fs/udf/truncate.c:106\n udf_release_file+0xc1/0x120 fs/udf/file.c:185\n __fput+0x23f/0x880 fs/file_table.c:431\n task_work_run+0x24f/0x310 kernel/task_work.c:239\n exit_task_work include/linux/task_work.h:43 [inline]\n do_exit+0xa2f/0x28e0 kernel/exit.c:939\n do_group_exit+0x207/0x2c0 kernel/exit.c:1088\n __do_sys_exit_group kernel/exit.c:1099 [inline]\n __se_sys_exit_group kernel/exit.c:1097 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1097\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nValidate the computed total length against epos-\u003ebh-\u003eb_size.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40044",
"url": "https://www.suse.com/security/cve/CVE-2025-40044"
},
{
"category": "external",
"summary": "SUSE Bug 1252785 for CVE-2025-40044",
"url": "https://bugzilla.suse.com/1252785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:kernel-devel-rt-5.14.21-150500.13.112.1.noarch",
"SUSE Linux Enterprise Micro 5.5:kernel-rt-5.14.21-150500.13.112.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:kernel-source-rt-5.14.21-150500.13.112.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-20T15:41:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-40044"
}
]
}
wid-sec-w-2025-2394
Vulnerability from csaf_certbund
Published
2025-10-22 22:00
Modified
2025-11-20 23:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff oder andere, nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff oder andere, nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2394 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2394.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2394 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2394"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50556",
"url": "https://lore.kernel.org/linux-cve-announce/2025102203-CVE-2022-50556-bbe2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50557",
"url": "https://lore.kernel.org/linux-cve-announce/2025102206-CVE-2022-50557-7adc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50558",
"url": "https://lore.kernel.org/linux-cve-announce/2025102206-CVE-2022-50558-444f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50559",
"url": "https://lore.kernel.org/linux-cve-announce/2025102206-CVE-2022-50559-e162@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50560",
"url": "https://lore.kernel.org/linux-cve-announce/2025102206-CVE-2022-50560-bf0d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50561",
"url": "https://lore.kernel.org/linux-cve-announce/2025102206-CVE-2022-50561-3b76@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50562",
"url": "https://lore.kernel.org/linux-cve-announce/2025102206-CVE-2022-50562-5b54@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50563",
"url": "https://lore.kernel.org/linux-cve-announce/2025102207-CVE-2022-50563-995f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50564",
"url": "https://lore.kernel.org/linux-cve-announce/2025102207-CVE-2022-50564-c6eb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50565",
"url": "https://lore.kernel.org/linux-cve-announce/2025102207-CVE-2022-50565-ddc2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50566",
"url": "https://lore.kernel.org/linux-cve-announce/2025102207-CVE-2022-50566-9cd3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50567",
"url": "https://lore.kernel.org/linux-cve-announce/2025102207-CVE-2022-50567-17f3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50568",
"url": "https://lore.kernel.org/linux-cve-announce/2025102207-CVE-2022-50568-f109@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50569",
"url": "https://lore.kernel.org/linux-cve-announce/2025102207-CVE-2022-50569-fdd1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50570",
"url": "https://lore.kernel.org/linux-cve-announce/2025102208-CVE-2022-50570-38e8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50571",
"url": "https://lore.kernel.org/linux-cve-announce/2025102208-CVE-2022-50571-00cd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50572",
"url": "https://lore.kernel.org/linux-cve-announce/2025102208-CVE-2022-50572-dbfb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50573",
"url": "https://lore.kernel.org/linux-cve-announce/2025102208-CVE-2022-50573-e131@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50574",
"url": "https://lore.kernel.org/linux-cve-announce/2025102208-CVE-2022-50574-da86@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50575",
"url": "https://lore.kernel.org/linux-cve-announce/2025102208-CVE-2022-50575-1768@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50576",
"url": "https://lore.kernel.org/linux-cve-announce/2025102209-CVE-2022-50576-98f3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50577",
"url": "https://lore.kernel.org/linux-cve-announce/2025102209-CVE-2022-50577-ebe1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50578",
"url": "https://lore.kernel.org/linux-cve-announce/2025102209-CVE-2022-50578-eb90@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50579",
"url": "https://lore.kernel.org/linux-cve-announce/2025102209-CVE-2022-50579-0f47@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50580",
"url": "https://lore.kernel.org/linux-cve-announce/2025102209-CVE-2022-50580-68e3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50581",
"url": "https://lore.kernel.org/linux-cve-announce/2025102209-CVE-2022-50581-cb39@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-50582",
"url": "https://lore.kernel.org/linux-cve-announce/2025102210-CVE-2022-50582-1ac9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53692",
"url": "https://lore.kernel.org/linux-cve-announce/2025102210-CVE-2023-53692-be2d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53693",
"url": "https://lore.kernel.org/linux-cve-announce/2025102210-CVE-2023-53693-57fe@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53694",
"url": "https://lore.kernel.org/linux-cve-announce/2025102210-CVE-2023-53694-ed6b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53695",
"url": "https://lore.kernel.org/linux-cve-announce/2025102210-CVE-2023-53695-f553@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53696",
"url": "https://lore.kernel.org/linux-cve-announce/2025102210-CVE-2023-53696-dadf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53697",
"url": "https://lore.kernel.org/linux-cve-announce/2025102211-CVE-2023-53697-3078@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53698",
"url": "https://lore.kernel.org/linux-cve-announce/2025102211-CVE-2023-53698-c1f4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53699",
"url": "https://lore.kernel.org/linux-cve-announce/2025102211-CVE-2023-53699-44cc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53700",
"url": "https://lore.kernel.org/linux-cve-announce/2025102211-CVE-2023-53700-9753@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53701",
"url": "https://lore.kernel.org/linux-cve-announce/2025102211-CVE-2023-53701-fb7f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53702",
"url": "https://lore.kernel.org/linux-cve-announce/2025102211-CVE-2023-53702-a6b6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53703",
"url": "https://lore.kernel.org/linux-cve-announce/2025102211-CVE-2023-53703-7813@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53704",
"url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53704-9f42@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53705",
"url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53705-38d9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53706",
"url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53706-18d9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53707",
"url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53707-361a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53708",
"url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53708-0bf0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53709",
"url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53709-553a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53710",
"url": "https://lore.kernel.org/linux-cve-announce/2025102213-CVE-2023-53710-68d7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53711",
"url": "https://lore.kernel.org/linux-cve-announce/2025102213-CVE-2023-53711-24c6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53712",
"url": "https://lore.kernel.org/linux-cve-announce/2025102213-CVE-2023-53712-b88e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53713",
"url": "https://lore.kernel.org/linux-cve-announce/2025102213-CVE-2023-53713-550a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53714",
"url": "https://lore.kernel.org/linux-cve-announce/2025102213-CVE-2023-53714-6b41@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53715",
"url": "https://lore.kernel.org/linux-cve-announce/2025102213-CVE-2023-53715-fd47@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53716",
"url": "https://lore.kernel.org/linux-cve-announce/2025102214-CVE-2023-53716-4265@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53717",
"url": "https://lore.kernel.org/linux-cve-announce/2025102214-CVE-2023-53717-e88c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53718",
"url": "https://lore.kernel.org/linux-cve-announce/2025102214-CVE-2023-53718-9142@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53719",
"url": "https://lore.kernel.org/linux-cve-announce/2025102214-CVE-2023-53719-ad4c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53720",
"url": "https://lore.kernel.org/linux-cve-announce/2025102214-CVE-2023-53720-da5a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53721",
"url": "https://lore.kernel.org/linux-cve-announce/2025102214-CVE-2023-53721-f0ca@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53722",
"url": "https://lore.kernel.org/linux-cve-announce/2025102215-CVE-2023-53722-f3ab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53723",
"url": "https://lore.kernel.org/linux-cve-announce/2025102215-CVE-2023-53723-8e9e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53724",
"url": "https://lore.kernel.org/linux-cve-announce/2025102215-CVE-2023-53724-4549@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53725",
"url": "https://lore.kernel.org/linux-cve-announce/2025102215-CVE-2023-53725-0343@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53726",
"url": "https://lore.kernel.org/linux-cve-announce/2025102215-CVE-2023-53726-29cb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53727",
"url": "https://lore.kernel.org/linux-cve-announce/2025102215-CVE-2023-53727-73d8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53728",
"url": "https://lore.kernel.org/linux-cve-announce/2025102216-CVE-2023-53728-b851@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53729",
"url": "https://lore.kernel.org/linux-cve-announce/2025102216-CVE-2023-53729-ef1a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53730",
"url": "https://lore.kernel.org/linux-cve-announce/2025102216-CVE-2023-53730-d257@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53731",
"url": "https://lore.kernel.org/linux-cve-announce/2025102216-CVE-2023-53731-aef7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2023-53732",
"url": "https://lore.kernel.org/linux-cve-announce/2025102216-CVE-2023-53732-f3ee@gregkh/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4057-1 vom 2025-11-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023254.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4111-1 vom 2025-11-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023294.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4128-1 vom 2025-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023299.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4135-1 vom 2025-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023300.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4132-1 vom 2025-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023302.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4139-1 vom 2025-11-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023306.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4141-1 vom 2025-11-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023304.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4140-1 vom 2025-11-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023305.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4149-1 vom 2025-11-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023309.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-20T23:00:00.000+00:00",
"generator": {
"date": "2025-11-21T08:17:20.253+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2394",
"initial_release_date": "2025-10-22T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-22T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-11T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-16T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-20T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T048085",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-50556",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50556"
},
{
"cve": "CVE-2022-50557",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50557"
},
{
"cve": "CVE-2022-50558",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50558"
},
{
"cve": "CVE-2022-50559",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50559"
},
{
"cve": "CVE-2022-50560",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50560"
},
{
"cve": "CVE-2022-50561",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50561"
},
{
"cve": "CVE-2022-50562",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50562"
},
{
"cve": "CVE-2022-50563",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50563"
},
{
"cve": "CVE-2022-50564",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50564"
},
{
"cve": "CVE-2022-50565",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50565"
},
{
"cve": "CVE-2022-50566",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50566"
},
{
"cve": "CVE-2022-50567",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50567"
},
{
"cve": "CVE-2022-50568",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50568"
},
{
"cve": "CVE-2022-50569",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50569"
},
{
"cve": "CVE-2022-50570",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50570"
},
{
"cve": "CVE-2022-50571",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50571"
},
{
"cve": "CVE-2022-50572",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50572"
},
{
"cve": "CVE-2022-50573",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50573"
},
{
"cve": "CVE-2022-50574",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50574"
},
{
"cve": "CVE-2022-50575",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50575"
},
{
"cve": "CVE-2022-50576",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50576"
},
{
"cve": "CVE-2022-50577",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50577"
},
{
"cve": "CVE-2022-50578",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50578"
},
{
"cve": "CVE-2022-50579",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50579"
},
{
"cve": "CVE-2022-50580",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50580"
},
{
"cve": "CVE-2022-50581",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50581"
},
{
"cve": "CVE-2022-50582",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2022-50582"
},
{
"cve": "CVE-2023-53692",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53692"
},
{
"cve": "CVE-2023-53693",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53693"
},
{
"cve": "CVE-2023-53694",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53694"
},
{
"cve": "CVE-2023-53695",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53695"
},
{
"cve": "CVE-2023-53696",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53696"
},
{
"cve": "CVE-2023-53697",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53697"
},
{
"cve": "CVE-2023-53698",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53698"
},
{
"cve": "CVE-2023-53699",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53699"
},
{
"cve": "CVE-2023-53700",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53700"
},
{
"cve": "CVE-2023-53701",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53701"
},
{
"cve": "CVE-2023-53702",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53702"
},
{
"cve": "CVE-2023-53703",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53703"
},
{
"cve": "CVE-2023-53704",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53704"
},
{
"cve": "CVE-2023-53705",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53705"
},
{
"cve": "CVE-2023-53706",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53706"
},
{
"cve": "CVE-2023-53707",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53707"
},
{
"cve": "CVE-2023-53708",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53708"
},
{
"cve": "CVE-2023-53709",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53709"
},
{
"cve": "CVE-2023-53710",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53710"
},
{
"cve": "CVE-2023-53711",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53711"
},
{
"cve": "CVE-2023-53712",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53712"
},
{
"cve": "CVE-2023-53713",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53713"
},
{
"cve": "CVE-2023-53714",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53714"
},
{
"cve": "CVE-2023-53715",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53715"
},
{
"cve": "CVE-2023-53716",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53716"
},
{
"cve": "CVE-2023-53717",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53717"
},
{
"cve": "CVE-2023-53718",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53718"
},
{
"cve": "CVE-2023-53719",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53719"
},
{
"cve": "CVE-2023-53720",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53720"
},
{
"cve": "CVE-2023-53721",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53721"
},
{
"cve": "CVE-2023-53722",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53722"
},
{
"cve": "CVE-2023-53723",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53723"
},
{
"cve": "CVE-2023-53724",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53724"
},
{
"cve": "CVE-2023-53725",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53725"
},
{
"cve": "CVE-2023-53726",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53726"
},
{
"cve": "CVE-2023-53727",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53727"
},
{
"cve": "CVE-2023-53728",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53728"
},
{
"cve": "CVE-2023-53729",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53729"
},
{
"cve": "CVE-2023-53730",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53730"
},
{
"cve": "CVE-2023-53731",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53731"
},
{
"cve": "CVE-2023-53732",
"product_status": {
"known_affected": [
"T002207",
"T048085"
]
},
"release_date": "2025-10-22T22:00:00.000+00:00",
"title": "CVE-2023-53732"
}
]
}
fkie_cve-2022-50577
Vulnerability from fkie_nvd
Published
2025-10-22 14:15
Modified
2025-10-22 21:12
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
ima: Fix memory leak in __ima_inode_hash()
Commit f3cc6b25dcc5 ("ima: always measure and audit files in policy") lets
measurement or audit happen even if the file digest cannot be calculated.
As a result, iint->ima_hash could have been allocated despite
ima_collect_measurement() returning an error.
Since ima_hash belongs to a temporary inode metadata structure, declared
at the beginning of __ima_inode_hash(), just add a kfree() call if
ima_collect_measurement() returns an error different from -ENOMEM (in that
case, ima_hash should not have been allocated).
References
| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/8c1d6a050a0f16e0a9d32eaf53b965c77279c6f8 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/c4df8cb38f139ed9f4296868c0a6f15a26e8c491 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/f375bcf69f58fd0744c9dfd1b6b891a27301d67b |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix memory leak in __ima_inode_hash()\n\nCommit f3cc6b25dcc5 (\"ima: always measure and audit files in policy\") lets\nmeasurement or audit happen even if the file digest cannot be calculated.\n\nAs a result, iint-\u003eima_hash could have been allocated despite\nima_collect_measurement() returning an error.\n\nSince ima_hash belongs to a temporary inode metadata structure, declared\nat the beginning of __ima_inode_hash(), just add a kfree() call if\nima_collect_measurement() returns an error different from -ENOMEM (in that\ncase, ima_hash should not have been allocated)."
}
],
"id": "CVE-2022-50577",
"lastModified": "2025-10-22T21:12:48.953",
"metrics": {},
"published": "2025-10-22T14:15:42.677",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/8c1d6a050a0f16e0a9d32eaf53b965c77279c6f8"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/c4df8cb38f139ed9f4296868c0a6f15a26e8c491"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/f375bcf69f58fd0744c9dfd1b6b891a27301d67b"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
CERTFR-2025-AVI-1032
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Desktop 15 SP6 | ||
| SUSE | N/A | Public Cloud Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | N/A | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | Basesystem Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | N/A | Public Cloud Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | N/A | openSUSE Leap 15.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Manager Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | Legacy Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | SUSE Manager Proxy 4.3 LTS | ||
| SUSE | N/A | openSUSE Leap 15.6 | ||
| SUSE | N/A | SUSE Manager Server 4.3 LTS | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.3 LTS | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | N/A | Development Tools Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Real Time Module 15-SP7 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3 LTS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3 LTS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3 LTS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP7",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-50501",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50501"
},
{
"name": "CVE-2023-53645",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53645"
},
{
"name": "CVE-2023-53562",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53562"
},
{
"name": "CVE-2025-39987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39987"
},
{
"name": "CVE-2025-39812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39812"
},
{
"name": "CVE-2025-39997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39997"
},
{
"name": "CVE-2023-53247",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53247"
},
{
"name": "CVE-2023-53648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53648"
},
{
"name": "CVE-2023-53733",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53733"
},
{
"name": "CVE-2025-39808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39808"
},
{
"name": "CVE-2022-50493",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50493"
},
{
"name": "CVE-2022-50561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50561"
},
{
"name": "CVE-2022-50498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50498"
},
{
"name": "CVE-2023-53312",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53312"
},
{
"name": "CVE-2022-50482",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50482"
},
{
"name": "CVE-2022-50527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50527"
},
{
"name": "CVE-2025-39876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39876"
},
{
"name": "CVE-2025-40029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40029"
},
{
"name": "CVE-2023-53311",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53311"
},
{
"name": "CVE-2025-40037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40037"
},
{
"name": "CVE-2022-50521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50521"
},
{
"name": "CVE-2025-39947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39947"
},
{
"name": "CVE-2023-53588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53588"
},
{
"name": "CVE-2023-53480",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53480"
},
{
"name": "CVE-2023-53303",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53303"
},
{
"name": "CVE-2022-50488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50488"
},
{
"name": "CVE-2025-39757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39757"
},
{
"name": "CVE-2025-39902",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39902"
},
{
"name": "CVE-2023-53693",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53693"
},
{
"name": "CVE-2025-40043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40043"
},
{
"name": "CVE-2023-53150",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53150"
},
{
"name": "CVE-2022-50484",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50484"
},
{
"name": "CVE-2023-53321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53321"
},
{
"name": "CVE-2025-39772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39772"
},
{
"name": "CVE-2023-53362",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53362"
},
{
"name": "CVE-2022-49053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49053"
},
{
"name": "CVE-2025-39948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39948"
},
{
"name": "CVE-2025-39826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39826"
},
{
"name": "CVE-2025-39702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39702"
},
{
"name": "CVE-2025-39973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39973"
},
{
"name": "CVE-2025-39881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39881"
},
{
"name": "CVE-2025-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39685"
},
{
"name": "CVE-2025-39761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39761"
},
{
"name": "CVE-2023-53185",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53185"
},
{
"name": "CVE-2023-53674",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53674"
},
{
"name": "CVE-2025-39945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39945"
},
{
"name": "CVE-2023-53421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53421"
},
{
"name": "CVE-2023-53441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53441"
},
{
"name": "CVE-2023-53729",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53729"
},
{
"name": "CVE-2023-53245",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53245"
},
{
"name": "CVE-2022-49465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49465"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-40100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40100"
},
{
"name": "CVE-2025-39827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39827"
},
{
"name": "CVE-2023-53550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53550"
},
{
"name": "CVE-2023-53578",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53578"
},
{
"name": "CVE-2025-40019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40019"
},
{
"name": "CVE-2023-7324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7324"
},
{
"name": "CVE-2023-53461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53461"
},
{
"name": "CVE-2023-53531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53531"
},
{
"name": "CVE-2025-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39828"
},
{
"name": "CVE-2025-39889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39889"
},
{
"name": "CVE-2023-53601",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53601"
},
{
"name": "CVE-2023-53258",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53258"
},
{
"name": "CVE-2022-50562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50562"
},
{
"name": "CVE-2023-53612",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53612"
},
{
"name": "CVE-2022-50549",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50549"
},
{
"name": "CVE-2023-53429",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53429"
},
{
"name": "CVE-2024-47684",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47684"
},
{
"name": "CVE-2022-50582",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50582"
},
{
"name": "CVE-2023-53653",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53653"
},
{
"name": "CVE-2023-53451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53451"
},
{
"name": "CVE-2025-40016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40016"
},
{
"name": "CVE-2023-53667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53667"
},
{
"name": "CVE-2023-53325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53325"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2023-53616",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53616"
},
{
"name": "CVE-2023-53654",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53654"
},
{
"name": "CVE-2023-53726",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53726"
},
{
"name": "CVE-2023-53394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53394"
},
{
"name": "CVE-2025-39925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39925"
},
{
"name": "CVE-2023-53659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53659"
},
{
"name": "CVE-2025-40056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40056"
},
{
"name": "CVE-2025-39911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39911"
},
{
"name": "CVE-2022-50579",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50579"
},
{
"name": "CVE-2025-40052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40052"
},
{
"name": "CVE-2022-50546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50546"
},
{
"name": "CVE-2023-53605",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53605"
},
{
"name": "CVE-2022-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50386"
},
{
"name": "CVE-2025-38644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38644"
},
{
"name": "CVE-2025-38692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38692"
},
{
"name": "CVE-2023-53209",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53209"
},
{
"name": "CVE-2024-50302",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50302"
},
{
"name": "CVE-2025-39701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39701"
},
{
"name": "CVE-2023-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53222"
},
{
"name": "CVE-2023-53264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53264"
},
{
"name": "CVE-2025-40005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40005"
},
{
"name": "CVE-2023-53615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53615"
},
{
"name": "CVE-2022-50560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50560"
},
{
"name": "CVE-2023-53686",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53686"
},
{
"name": "CVE-2023-53719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53719"
},
{
"name": "CVE-2023-53681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53681"
},
{
"name": "CVE-2025-39967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39967"
},
{
"name": "CVE-2023-53519",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53519"
},
{
"name": "CVE-2023-53447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53447"
},
{
"name": "CVE-2023-53472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53472"
},
{
"name": "CVE-2023-53533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53533"
},
{
"name": "CVE-2023-53611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53611"
},
{
"name": "CVE-2023-53248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53248"
},
{
"name": "CVE-2025-39709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39709"
},
{
"name": "CVE-2023-53217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53217"
},
{
"name": "CVE-2023-53491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53491"
},
{
"name": "CVE-2023-53633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53633"
},
{
"name": "CVE-2025-39920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39920"
},
{
"name": "CVE-2023-53354",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53354"
},
{
"name": "CVE-2023-53504",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53504"
},
{
"name": "CVE-2025-40058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40058"
},
{
"name": "CVE-2025-38734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38734"
},
{
"name": "CVE-2025-38653",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38653"
},
{
"name": "CVE-2022-50432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50432"
},
{
"name": "CVE-2023-53713",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53713"
},
{
"name": "CVE-2022-50478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50478"
},
{
"name": "CVE-2025-38695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38695"
},
{
"name": "CVE-2023-52923",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52923"
},
{
"name": "CVE-2023-53323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53323"
},
{
"name": "CVE-2023-53697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53697"
},
{
"name": "CVE-2025-39949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39949"
},
{
"name": "CVE-2023-53617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53617"
},
{
"name": "CVE-2022-50532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50532"
},
{
"name": "CVE-2023-53189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53189"
},
{
"name": "CVE-2023-53692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53692"
},
{
"name": "CVE-2022-50520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50520"
},
{
"name": "CVE-2022-50511",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50511"
},
{
"name": "CVE-2023-53309",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53309"
},
{
"name": "CVE-2025-40010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40010"
},
{
"name": "CVE-2025-39923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39923"
},
{
"name": "CVE-2022-50334",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50334"
},
{
"name": "CVE-2025-39866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39866"
},
{
"name": "CVE-2022-50577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50577"
},
{
"name": "CVE-2023-53577",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53577"
},
{
"name": "CVE-2025-39751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39751"
},
{
"name": "CVE-2023-53425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53425"
},
{
"name": "CVE-2022-50568",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50568"
},
{
"name": "CVE-2023-53235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53235"
},
{
"name": "CVE-2022-50504",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50504"
},
{
"name": "CVE-2023-53304",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53304"
},
{
"name": "CVE-2022-50523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50523"
},
{
"name": "CVE-2024-56601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56601"
},
{
"name": "CVE-2023-53339",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53339"
},
{
"name": "CVE-2025-39969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39969"
},
{
"name": "CVE-2023-53567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53567"
},
{
"name": "CVE-2023-53280",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53280"
},
{
"name": "CVE-2023-53179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53179"
},
{
"name": "CVE-2025-38706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38706"
},
{
"name": "CVE-2025-39750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39750"
},
{
"name": "CVE-2022-50524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50524"
},
{
"name": "CVE-2025-38699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38699"
},
{
"name": "CVE-2023-53603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53603"
},
{
"name": "CVE-2023-53520",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53520"
},
{
"name": "CVE-2023-53493",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53493"
},
{
"name": "CVE-2023-53665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53665"
},
{
"name": "CVE-2025-40082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40082"
},
{
"name": "CVE-2023-53576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53576"
},
{
"name": "CVE-2025-40104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40104"
},
{
"name": "CVE-2023-53492",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53492"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2023-31248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
},
{
"name": "CVE-2025-39853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39853"
},
{
"name": "CVE-2023-53221",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53221"
},
{
"name": "CVE-2025-39871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39871"
},
{
"name": "CVE-2022-50566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50566"
},
{
"name": "CVE-2023-53619",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53619"
},
{
"name": "CVE-2023-53566",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53566"
},
{
"name": "CVE-2025-40035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40035"
},
{
"name": "CVE-2023-53602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53602"
},
{
"name": "CVE-2025-39988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39988"
},
{
"name": "CVE-2023-53462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53462"
},
{
"name": "CVE-2022-50490",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50490"
},
{
"name": "CVE-2025-39675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39675"
},
{
"name": "CVE-2025-39679",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39679"
},
{
"name": "CVE-2025-39763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39763"
},
{
"name": "CVE-2025-40020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40020"
},
{
"name": "CVE-2022-50494",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50494"
},
{
"name": "CVE-2023-53148",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53148"
},
{
"name": "CVE-2025-38693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38693"
},
{
"name": "CVE-2023-53505",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53505"
},
{
"name": "CVE-2025-38685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38685"
},
{
"name": "CVE-2023-53275",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53275"
},
{
"name": "CVE-2022-50479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50479"
},
{
"name": "CVE-2023-53700",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53700"
},
{
"name": "CVE-2023-53716",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53716"
},
{
"name": "CVE-2024-50154",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50154"
},
{
"name": "CVE-2023-53183",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53183"
},
{
"name": "CVE-2023-53195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53195"
},
{
"name": "CVE-2025-38008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38008"
},
{
"name": "CVE-2025-39864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39864"
},
{
"name": "CVE-2025-39730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39730"
},
{
"name": "CVE-2025-40013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40013"
},
{
"name": "CVE-2023-53319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53319"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-39824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39824"
},
{
"name": "CVE-2023-53515",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53515"
},
{
"name": "CVE-2023-53420",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53420"
},
{
"name": "CVE-2023-53424",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53424"
},
{
"name": "CVE-2023-53305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53305"
},
{
"name": "CVE-2025-40049",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40049"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2025-38702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38702"
},
{
"name": "CVE-2023-53177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53177"
},
{
"name": "CVE-2023-53631",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53631"
},
{
"name": "CVE-2023-53369",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53369"
},
{
"name": "CVE-2022-49563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49563"
},
{
"name": "CVE-2025-38724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
},
{
"name": "CVE-2023-53641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53641"
},
{
"name": "CVE-2025-38698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38698"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2023-53328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53328"
},
{
"name": "CVE-2022-50576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50576"
},
{
"name": "CVE-2023-53640",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53640"
},
{
"name": "CVE-2025-39739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39739"
},
{
"name": "CVE-2023-53165",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53165"
},
{
"name": "CVE-2025-39849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39849"
},
{
"name": "CVE-2022-50512",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50512"
},
{
"name": "CVE-2023-53438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53438"
},
{
"name": "CVE-2023-53238",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53238"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2022-50519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50519"
},
{
"name": "CVE-2025-39861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39861"
},
{
"name": "CVE-2023-53600",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53600"
},
{
"name": "CVE-2022-50541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50541"
},
{
"name": "CVE-2025-39743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39743"
},
{
"name": "CVE-2022-50505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50505"
},
{
"name": "CVE-2023-53673",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53673"
},
{
"name": "CVE-2025-38712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38712"
},
{
"name": "CVE-2022-50526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50526"
},
{
"name": "CVE-2023-53662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53662"
},
{
"name": "CVE-2023-53360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53360"
},
{
"name": "CVE-2023-53707",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53707"
},
{
"name": "CVE-2022-50535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50535"
},
{
"name": "CVE-2023-53563",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53563"
},
{
"name": "CVE-2023-53698",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53698"
},
{
"name": "CVE-2022-49080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49080"
},
{
"name": "CVE-2023-53336",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53336"
},
{
"name": "CVE-2023-53426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53426"
},
{
"name": "CVE-2023-53370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53370"
},
{
"name": "CVE-2023-53448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53448"
},
{
"name": "CVE-2023-53374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53374"
},
{
"name": "CVE-2023-53384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53384"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2023-53546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53546"
},
{
"name": "CVE-2025-39970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39970"
},
{
"name": "CVE-2025-40032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40032"
},
{
"name": "CVE-2025-39981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39981"
},
{
"name": "CVE-2025-39994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39994"
},
{
"name": "CVE-2025-39732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39732"
},
{
"name": "CVE-2024-50115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50115"
},
{
"name": "CVE-2023-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53367"
},
{
"name": "CVE-2022-50529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50529"
},
{
"name": "CVE-2023-53705",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53705"
},
{
"name": "CVE-2022-50485",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50485"
},
{
"name": "CVE-2023-53621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53621"
},
{
"name": "CVE-2024-53173",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53173"
},
{
"name": "CVE-2023-53457",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53457"
},
{
"name": "CVE-2025-40088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40088"
},
{
"name": "CVE-2025-39845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39845"
},
{
"name": "CVE-2023-53637",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53637"
},
{
"name": "CVE-2023-53230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53230"
},
{
"name": "CVE-2023-53397",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53397"
},
{
"name": "CVE-2022-50578",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50578"
},
{
"name": "CVE-2023-53516",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53516"
},
{
"name": "CVE-2022-50551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50551"
},
{
"name": "CVE-2025-38499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38499"
},
{
"name": "CVE-2022-50564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50564"
},
{
"name": "CVE-2024-50264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50264"
},
{
"name": "CVE-2025-40062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40062"
},
{
"name": "CVE-2022-50525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50525"
},
{
"name": "CVE-2023-53543",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53543"
},
{
"name": "CVE-2022-50503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50503"
},
{
"name": "CVE-2023-53708",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53708"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-38735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38735"
},
{
"name": "CVE-2023-53287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53287"
},
{
"name": "CVE-2022-50492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50492"
},
{
"name": "CVE-2025-40011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40011"
},
{
"name": "CVE-2024-56600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56600"
},
{
"name": "CVE-2025-40085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40085"
},
{
"name": "CVE-2023-53350",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53350"
},
{
"name": "CVE-2022-50572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50572"
},
{
"name": "CVE-2023-53723",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53723"
},
{
"name": "CVE-2023-53721",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53721"
},
{
"name": "CVE-2023-53660",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53660"
},
{
"name": "CVE-2023-53703",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53703"
},
{
"name": "CVE-2023-53585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53585"
},
{
"name": "CVE-2023-53672",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53672"
},
{
"name": "CVE-2023-53454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53454"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2023-53731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53731"
},
{
"name": "CVE-2023-53582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53582"
},
{
"name": "CVE-2023-53322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53322"
},
{
"name": "CVE-2023-53220",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53220"
},
{
"name": "CVE-2025-40012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40012"
},
{
"name": "CVE-2022-48956",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48956"
},
{
"name": "CVE-2023-53552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53552"
},
{
"name": "CVE-2023-53272",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53272"
},
{
"name": "CVE-2022-50388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50388"
},
{
"name": "CVE-2023-53210",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53210"
},
{
"name": "CVE-2025-38694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38694"
},
{
"name": "CVE-2023-53657",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53657"
},
{
"name": "CVE-2023-53568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53568"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2023-53528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53528"
},
{
"name": "CVE-2023-53656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53656"
},
{
"name": "CVE-2023-53496",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53496"
},
{
"name": "CVE-2025-38729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38729"
},
{
"name": "CVE-2023-53257",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53257"
},
{
"name": "CVE-2023-53523",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53523"
},
{
"name": "CVE-2023-53555",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53555"
},
{
"name": "CVE-2023-53539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53539"
},
{
"name": "CVE-2022-50563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50563"
},
{
"name": "CVE-2023-53357",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53357"
},
{
"name": "CVE-2025-38681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38681"
},
{
"name": "CVE-2023-53574",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53574"
},
{
"name": "CVE-2023-53556",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53556"
},
{
"name": "CVE-2023-53607",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53607"
},
{
"name": "CVE-2025-39968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39968"
},
{
"name": "CVE-2022-50515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50515"
},
{
"name": "CVE-2025-38687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38687"
},
{
"name": "CVE-2022-50499",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50499"
},
{
"name": "CVE-2023-53488",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53488"
},
{
"name": "CVE-2025-39986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39986"
},
{
"name": "CVE-2022-43945",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43945"
},
{
"name": "CVE-2025-39955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
},
{
"name": "CVE-2023-53356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53356"
},
{
"name": "CVE-2023-53553",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53553"
},
{
"name": "CVE-2023-53572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53572"
},
{
"name": "CVE-2023-53599",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53599"
},
{
"name": "CVE-2023-53594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53594"
},
{
"name": "CVE-2023-53510",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53510"
},
{
"name": "CVE-2023-53575",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53575"
},
{
"name": "CVE-2023-53151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53151"
},
{
"name": "CVE-2025-38715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38715"
},
{
"name": "CVE-2025-40078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40078"
},
{
"name": "CVE-2022-50580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50580"
},
{
"name": "CVE-2025-39710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39710"
},
{
"name": "CVE-2023-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53215"
},
{
"name": "CVE-2025-39895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39895"
},
{
"name": "CVE-2023-53288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53288"
},
{
"name": "CVE-2024-26584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26584"
},
{
"name": "CVE-2025-39934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39934"
},
{
"name": "CVE-2022-50530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50530"
},
{
"name": "CVE-2023-53722",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53722"
},
{
"name": "CVE-2025-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39978"
},
{
"name": "CVE-2025-39683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39683"
},
{
"name": "CVE-2023-53352",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53352"
},
{
"name": "CVE-2023-53625",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53625"
},
{
"name": "CVE-2023-53644",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53644"
},
{
"name": "CVE-2025-39794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39794"
},
{
"name": "CVE-2023-53675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53675"
},
{
"name": "CVE-2023-53291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53291"
},
{
"name": "CVE-2025-39996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39996"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2023-53613",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53613"
},
{
"name": "CVE-2023-53564",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53564"
},
{
"name": "CVE-2023-53545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53545"
},
{
"name": "CVE-2023-53538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53538"
},
{
"name": "CVE-2025-39697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39697"
},
{
"name": "CVE-2023-53263",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53263"
},
{
"name": "CVE-2023-53527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53527"
},
{
"name": "CVE-2025-38713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38713"
},
{
"name": "CVE-2025-39938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39938"
},
{
"name": "CVE-2025-39982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39982"
},
{
"name": "CVE-2025-39965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39965"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2023-53324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53324"
},
{
"name": "CVE-2023-53465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53465"
},
{
"name": "CVE-2025-39810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39810"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2023-53368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53368"
},
{
"name": "CVE-2025-38697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38697"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2023-53728",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53728"
},
{
"name": "CVE-2023-53649",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53649"
},
{
"name": "CVE-2025-38691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38691"
},
{
"name": "CVE-2025-39759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39759"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2022-50575",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50575"
},
{
"name": "CVE-2023-53518",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53518"
},
{
"name": "CVE-2022-50581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50581"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2022-50534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50534"
},
{
"name": "CVE-2025-39860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39860"
},
{
"name": "CVE-2023-53670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53670"
},
{
"name": "CVE-2025-40091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40091"
},
{
"name": "CVE-2025-39721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39721"
},
{
"name": "CVE-2023-53604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53604"
},
{
"name": "CVE-2025-39760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39760"
},
{
"name": "CVE-2025-38718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38718"
},
{
"name": "CVE-2023-53608",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53608"
},
{
"name": "CVE-2025-39673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39673"
},
{
"name": "CVE-2023-53596",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53596"
},
{
"name": "CVE-2022-50489",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50489"
},
{
"name": "CVE-2025-39839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39839"
},
{
"name": "CVE-2023-53282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53282"
},
{
"name": "CVE-2025-39993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
},
{
"name": "CVE-2023-53730",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53730"
},
{
"name": "CVE-2023-53717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53717"
},
{
"name": "CVE-2025-39848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39848"
},
{
"name": "CVE-2023-53583",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53583"
},
{
"name": "CVE-2023-53591",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53591"
},
{
"name": "CVE-2025-39800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39800"
},
{
"name": "CVE-2025-40044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40044"
},
{
"name": "CVE-2023-53391",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53391"
},
{
"name": "CVE-2023-53650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53650"
},
{
"name": "CVE-2023-53487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53487"
},
{
"name": "CVE-2023-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53547"
},
{
"name": "CVE-2023-53679",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53679"
},
{
"name": "CVE-2023-53338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53338"
},
{
"name": "CVE-2023-53696",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53696"
},
{
"name": "CVE-2025-39971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
},
{
"name": "CVE-2023-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53231"
},
{
"name": "CVE-2022-50544",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50544"
},
{
"name": "CVE-2023-53592",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53592"
},
{
"name": "CVE-2023-53206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53206"
},
{
"name": "CVE-2023-53432",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53432"
},
{
"name": "CVE-2022-50497",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50497"
},
{
"name": "CVE-2023-53557",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53557"
},
{
"name": "CVE-2023-53554",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53554"
},
{
"name": "CVE-2023-53724",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53724"
},
{
"name": "CVE-2025-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38552"
},
{
"name": "CVE-2023-53718",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53718"
},
{
"name": "CVE-2025-39882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39882"
},
{
"name": "CVE-2025-39991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39991"
},
{
"name": "CVE-2023-53542",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53542"
},
{
"name": "CVE-2025-39801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39801"
},
{
"name": "CVE-2023-53709",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53709"
},
{
"name": "CVE-2023-53530",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53530"
},
{
"name": "CVE-2025-39724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39724"
},
{
"name": "CVE-2022-50471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50471"
},
{
"name": "CVE-2023-53666",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53666"
},
{
"name": "CVE-2025-39758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39758"
},
{
"name": "CVE-2025-39694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39694"
},
{
"name": "CVE-2023-53401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53401"
},
{
"name": "CVE-2025-39806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39806"
},
{
"name": "CVE-2022-50553",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50553"
},
{
"name": "CVE-2023-53479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53479"
},
{
"name": "CVE-2023-53658",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53658"
},
{
"name": "CVE-2025-39851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39851"
},
{
"name": "CVE-2024-53214",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53214"
},
{
"name": "CVE-2023-53313",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53313"
},
{
"name": "CVE-2022-50574",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50574"
},
{
"name": "CVE-2025-39972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39972"
},
{
"name": "CVE-2022-50487",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50487"
},
{
"name": "CVE-2023-53395",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53395"
},
{
"name": "CVE-2025-39684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39684"
},
{
"name": "CVE-2023-53579",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53579"
},
{
"name": "CVE-2023-53485",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53485"
},
{
"name": "CVE-2023-53589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53589"
},
{
"name": "CVE-2023-53558",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53558"
},
{
"name": "CVE-2025-39870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39870"
},
{
"name": "CVE-2025-38494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38494"
},
{
"name": "CVE-2025-40018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40018"
},
{
"name": "CVE-2023-53646",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53646"
},
{
"name": "CVE-2022-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49014"
},
{
"name": "CVE-2023-53548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53548"
},
{
"name": "CVE-2024-53146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53146"
},
{
"name": "CVE-2023-53365",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53365"
},
{
"name": "CVE-2025-39797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39797"
},
{
"name": "CVE-2025-38725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38725"
},
{
"name": "CVE-2023-53184",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53184"
},
{
"name": "CVE-2022-50556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50556"
},
{
"name": "CVE-2023-53587",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53587"
},
{
"name": "CVE-2023-53680",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53680"
},
{
"name": "CVE-2025-40102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40102"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2022-50542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50542"
},
{
"name": "CVE-2023-53196",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53196"
},
{
"name": "CVE-2023-53501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53501"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-53331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53331"
},
{
"name": "CVE-2025-40071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40071"
},
{
"name": "CVE-2025-38683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38683"
},
{
"name": "CVE-2024-46818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46818"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-40080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40080"
},
{
"name": "CVE-2025-39846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39846"
},
{
"name": "CVE-2025-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21702"
},
{
"name": "CVE-2023-53534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53534"
},
{
"name": "CVE-2022-50528",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50528"
},
{
"name": "CVE-2023-53711",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53711"
},
{
"name": "CVE-2023-53152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53152"
},
{
"name": "CVE-2025-39850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39850"
},
{
"name": "CVE-2024-49860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49860"
},
{
"name": "CVE-2023-53442",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53442"
},
{
"name": "CVE-2023-53626",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53626"
},
{
"name": "CVE-2025-39844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39844"
},
{
"name": "CVE-2022-50472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50472"
},
{
"name": "CVE-2025-39742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39742"
},
{
"name": "CVE-2023-53570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53570"
},
{
"name": "CVE-2023-53286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53286"
},
{
"name": "CVE-2023-53207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53207"
},
{
"name": "CVE-2023-53687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53687"
},
{
"name": "CVE-2023-53668",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53668"
},
{
"name": "CVE-2023-53560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53560"
},
{
"name": "CVE-2023-53205",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53205"
},
{
"name": "CVE-2025-39863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39863"
},
{
"name": "CVE-2023-53180",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53180"
},
{
"name": "CVE-2023-53551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53551"
},
{
"name": "CVE-2023-53385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53385"
},
{
"name": "CVE-2023-53226",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53226"
},
{
"name": "CVE-2022-50570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50570"
},
{
"name": "CVE-2024-58240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58240"
},
{
"name": "CVE-2025-39957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39957"
},
{
"name": "CVE-2023-53571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53571"
},
{
"name": "CVE-2023-53249",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53249"
},
{
"name": "CVE-2023-53540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53540"
},
{
"name": "CVE-2023-53252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53252"
},
{
"name": "CVE-2025-39726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39726"
},
{
"name": "CVE-2025-39931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39931"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2023-53364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53364"
},
{
"name": "CVE-2022-50423",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50423"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2025-39937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39937"
},
{
"name": "CVE-2023-53508",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53508"
},
{
"name": "CVE-2023-53526",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53526"
},
{
"name": "CVE-2025-40060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40060"
},
{
"name": "CVE-2025-39891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39891"
},
{
"name": "CVE-2025-39790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39790"
},
{
"name": "CVE-2024-53104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53104"
},
{
"name": "CVE-2023-53255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53255"
},
{
"name": "CVE-2023-53618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53618"
},
{
"name": "CVE-2025-38680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38680"
},
{
"name": "CVE-2023-53379",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53379"
},
{
"name": "CVE-2025-39686",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39686"
},
{
"name": "CVE-2025-39798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39798"
},
{
"name": "CVE-2025-39900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39900"
},
{
"name": "CVE-2025-38495",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38495"
},
{
"name": "CVE-2022-49179",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49179"
},
{
"name": "CVE-2023-53343",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53343"
},
{
"name": "CVE-2023-53204",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53204"
},
{
"name": "CVE-2025-39714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39714"
},
{
"name": "CVE-2023-53704",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53704"
},
{
"name": "CVE-2023-53333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53333"
},
{
"name": "CVE-2023-53456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53456"
},
{
"name": "CVE-2023-53638",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53638"
},
{
"name": "CVE-2023-53446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53446"
},
{
"name": "CVE-2024-50301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50301"
},
{
"name": "CVE-2023-53463",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53463"
},
{
"name": "CVE-2023-53170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53170"
},
{
"name": "CVE-2023-53260",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53260"
},
{
"name": "CVE-2025-39854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39854"
},
{
"name": "CVE-2023-53386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53386"
},
{
"name": "CVE-2025-39984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39984"
},
{
"name": "CVE-2025-39706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39706"
},
{
"name": "CVE-2025-39869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39869"
},
{
"name": "CVE-2025-39985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39985"
},
{
"name": "CVE-2023-53181",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53181"
},
{
"name": "CVE-2023-53581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53581"
},
{
"name": "CVE-2024-53156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53156"
},
{
"name": "CVE-2023-53174",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53174"
},
{
"name": "CVE-2025-39719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39719"
},
{
"name": "CVE-2025-39952",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39952"
},
{
"name": "CVE-2023-53507",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53507"
},
{
"name": "CVE-2023-53314",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53314"
},
{
"name": "CVE-2022-50470",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50470"
},
{
"name": "CVE-2024-47674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47674"
},
{
"name": "CVE-2022-50516",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50516"
},
{
"name": "CVE-2023-53647",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53647"
},
{
"name": "CVE-2022-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50252"
},
{
"name": "CVE-2025-39713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39713"
},
{
"name": "CVE-2023-53541",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53541"
},
{
"name": "CVE-2023-53316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53316"
},
{
"name": "CVE-2023-53727",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53727"
},
{
"name": "CVE-2022-50475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50475"
},
{
"name": "CVE-2023-53208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53208"
},
{
"name": "CVE-2025-39756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39756"
},
{
"name": "CVE-2025-38539",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38539"
},
{
"name": "CVE-2023-53580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53580"
},
{
"name": "CVE-2022-50496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50496"
},
{
"name": "CVE-2025-38736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38736"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2022-50567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50567"
},
{
"name": "CVE-2023-53598",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53598"
},
{
"name": "CVE-2023-53167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53167"
},
{
"name": "CVE-2023-53342",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53342"
},
{
"name": "CVE-2023-53663",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53663"
},
{
"name": "CVE-2025-39946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39946"
},
{
"name": "CVE-2023-53632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53632"
},
{
"name": "CVE-2025-39693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39693"
},
{
"name": "CVE-2024-56605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56605"
},
{
"name": "CVE-2023-53490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53490"
},
{
"name": "CVE-2023-53444",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53444"
},
{
"name": "CVE-2023-53175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53175"
},
{
"name": "CVE-2023-53622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53622"
},
{
"name": "CVE-2023-53639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53639"
},
{
"name": "CVE-2022-50537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50537"
},
{
"name": "CVE-2023-53699",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53699"
},
{
"name": "CVE-2022-50327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50327"
},
{
"name": "CVE-2023-53274",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53274"
},
{
"name": "CVE-2022-50480",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50480"
},
{
"name": "CVE-2023-39197",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39197"
},
{
"name": "CVE-2025-40036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40036"
},
{
"name": "CVE-2025-39833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39833"
},
{
"name": "CVE-2025-39676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39676"
},
{
"name": "CVE-2025-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39832"
},
{
"name": "CVE-2023-53495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53495"
},
{
"name": "CVE-2025-40000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40000"
},
{
"name": "CVE-2023-53436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53436"
},
{
"name": "CVE-2025-39813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39813"
},
{
"name": "CVE-2024-50279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50279"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-57893",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57893"
},
{
"name": "CVE-2023-53559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53559"
},
{
"name": "CVE-2023-53695",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53695"
},
{
"name": "CVE-2023-53725",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53725"
},
{
"name": "CVE-2022-50514",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50514"
},
{
"name": "CVE-2023-53377",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53377"
},
{
"name": "CVE-2023-53500",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53500"
},
{
"name": "CVE-2025-39995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39995"
},
{
"name": "CVE-2025-39847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39847"
},
{
"name": "CVE-2024-47706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47706"
},
{
"name": "CVE-2025-39783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39783"
},
{
"name": "CVE-2025-40096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40096"
},
{
"name": "CVE-2023-53243",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53243"
},
{
"name": "CVE-2025-38700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38700"
},
{
"name": "CVE-2022-50513",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50513"
},
{
"name": "CVE-2023-53428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53428"
},
{
"name": "CVE-2022-50545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50545"
},
{
"name": "CVE-2025-39841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39841"
},
{
"name": "CVE-2023-53651",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53651"
},
{
"name": "CVE-2022-49564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49564"
},
{
"name": "CVE-2025-39907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39907"
},
{
"name": "CVE-2023-53147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53147"
},
{
"name": "CVE-2022-50543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50543"
},
{
"name": "CVE-2023-53292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53292"
},
{
"name": "CVE-2025-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38476"
},
{
"name": "CVE-2023-53371",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53371"
},
{
"name": "CVE-2022-50559",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50559"
},
{
"name": "CVE-2023-53593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53593"
},
{
"name": "CVE-2022-49545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49545"
},
{
"name": "CVE-2025-40061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40061"
},
{
"name": "CVE-2023-53187",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53187"
},
{
"name": "CVE-2023-53201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53201"
},
{
"name": "CVE-2024-56650",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56650"
},
{
"name": "CVE-2025-39873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39873"
},
{
"name": "CVE-2023-53652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53652"
},
{
"name": "CVE-2023-53597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53597"
},
{
"name": "CVE-2023-53192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53192"
},
{
"name": "CVE-2023-53715",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53715"
},
{
"name": "CVE-2025-38714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38714"
},
{
"name": "CVE-2023-53251",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53251"
},
{
"name": "CVE-2023-53683",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53683"
},
{
"name": "CVE-2023-53380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53380"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-40051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40051"
},
{
"name": "CVE-2022-50509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50509"
},
{
"name": "CVE-2025-40087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40087"
},
{
"name": "CVE-2024-45016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45016"
}
],
"initial_release_date": "2025-11-21T00:00:00",
"last_revision_date": "2025-11-21T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1032",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4128-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254128-1"
},
{
"published_at": "2025-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4123-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254123-1"
},
{
"published_at": "2025-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4140-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254140-1"
},
{
"published_at": "2025-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4141-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254141-1"
},
{
"published_at": "2025-11-19",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4139-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254139-1"
},
{
"published_at": "2025-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4135-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254135-1"
},
{
"published_at": "2025-11-15",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4111-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254111-1"
},
{
"published_at": "2025-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4149-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254149-1"
},
{
"published_at": "2025-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:4132-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254132-1"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…